Hacker News new | ask | show | jobs
by vaylian 73 days ago
Thank you for chiming in.

> We have to use some kind of attestation mechanism per the eIDAS implementing acts.

What does this attestation need to prove? Is this only about ensuring that private keys are managed by a secure enclave or a TPM?

> we have support for other OSs on our list (like, e.g., GrapheneOS)

I appreciate that, even though I am really not enthusiastic of eIDAS. But time will tell. Thank you.
1 comments
subscribed 73 days ago
They won't implement alternatives later, they'll be no point if "most of out customers is using either of the major providers".

Concerning secure enclave - what other device except iphones and Pixels have it actually safe?

link
vaylian 73 days ago
> They won't implement alternatives later, they'll be no point if "most of out customers is using either of the major providers".

It's hard for me to assess the effort needed here, but I guess that the GrapheneOS implementation will be 99% like the regular Android implementation. Supporting both systems does not seem to be that unrealistic.

link
subscribed 72 days ago
But the "regular android implementation" they decided to choose now is not the regular android implementation (AOSP), they're relying on the signal from Google running play store integrity checks.
link
Aachen 73 days ago
The nfc chips in identity documents
link