Update model-fido2.md

Dieser Commit ist enthalten in:
André Peters 2020-11-15 08:39:05 +01:00 committet von GitHub
Ursprung 9beceaf2e6
Commit 66dcbf9f6c
Es konnte kein GPG-SchlĂĽssel zu dieser Signatur gefunden werden
GPG-SchlĂĽssel-ID: 4AEE18F83AFDEB23

Datei anzeigen

@ -1,6 +1,6 @@
## How is UV handled in mailcow? ## How is UV handled in mailcow?
The UV flag (as in "user verification") enforces WebAuthn to verify the user before it allows access to the key (think of a PIN). We don't enforce but prefer UV to allow logins via iOS and NFC (YubiKey). The UV flag (as in "user verification") enforces WebAuthn to verify the user before it allows access to the key (think of a PIN). We don't enforce but prefer UV to allow logins via iOS and NFC (YubiKey). W
## Login and key processing ## Login and key processing
@ -13,3 +13,11 @@ When calling the login process, the authenticator is not given any credential ID
## Who can use WebAuthn to login to mailcow? ## Who can use WebAuthn to login to mailcow?
As of today, only administrators and domain administrators are able to setup WebAuthn/FIDO2. As of today, only administrators and domain administrators are able to setup WebAuthn/FIDO2.
## iOS problems
Please use a desktop computer to register your key with your mailcow account.
The process was tested using a YubiKey with Chrome on Windows. When registering a new, empty key, you will be prompted for a PIN for the new YubiKey. Once set and confirmed, the credentials are stored on the key. Using it with iOS works flawless now.
iOS seems not to be able to set a PIN on the device on first use, so please use a desktop computer for this step.