FIDO2Applet default setup

Support flexSecure Support
1

Hello!

I was given a blank J3R180 by a colleague and I’ve been messing around with different applets, as I am thinking of eventually getting a FlexSecure but I wanted to daily drive a card for a couple of months to see how it works. Reading around (store, forum, github) I’ve understood that the setup process for the FIDO2Applet is more involved than gp –-install FIDO2.cap (something something attestation?), but I haven’t found any recommended defaults or best practices.
BryanJacobs mentions that the applet defaults are for best compatibility, so is that the best?
How do I setup my card so that it is as close and/or as secure as a FlexSecure?

Thanks!

2 Likes
2

Use GitHub - DangerousThings/fido-attestation-loader: Tool to generate and load U2F and FIDO2 attestation certificates to vk-u2f, u2f-javacard, or Fidesmo to generate, sign, and load an attestation certificate. Make sure to run all commands using the `-m fido21` switch for compatibility with the modern opensource FIDO2.1 applet by Bryan.

4 Likes
3

implant it under you skin :winking_face_with_tongue:

5 Likes
4

I had completely missed this, thank you! Will try it out tonight

1 Like