Package Details: libfido2 1.3.0-3

Git Clone URL: https://aur.archlinux.org/libfido2.git (read-only, click to copy)
Package Base: libfido2
Description: Provides library functionality for FIDO 2.0, including communication with a device over USB
Upstream URL: https://developers.yubico.com/libfido2/
Keywords: ctap ctap1 ctap2 fido2 library u2f usb
Licenses: BSD
Submitter: kbabioch
Maintainer: kbabioch
Last Packager: kbabioch
Votes: 2
Popularity: 0.95
First Submitted: 2018-09-27 18:28
Last Updated: 2019-12-08 09:00

Latest Comments

FrederickZh commented on 2019-12-08 16:29

@mcbelisle Pls stop spamming everyone here and move the discussion to e.g. Forums as it's obviously irrelevant to this package.

FrederickZh commented on 2019-12-08 12:24

@mcbelisle Try 'gpg --keyserver hkps://hkps.pool.sks-keyservers.net --search-keys EE90AE0D19774C8386628FAAB428949EF7914718' before upgrading.

FrederickZh commented on 2019-12-08 10:19

@mcbelisle ...which is completely unrelated to this package... Make sure you've got correct permissions for $HOME/.gnupg and go read https://wiki.archlinux.org/index.php/GnuPG

kbabioch commented on 2019-12-07 15:52

Thank you for noticing this so quickly. Did a mistake there. Should be fixed now. Also I'm using the upstream release and check the signatures - as previously requested.

kbabioch commented on 2019-12-07 08:48

That is, of course, very true.

If you do indeed insist on it, I will change it to the upstream tarballs. For now, I've just bumped the version to the latest one.

By the way: I still would like to keep this package, as I'm still interested in YubiKey packages.

anthraxx commented on 2019-12-06 09:29

@kbabioch: transfer integrity protection != authentication. The signatures distributed have authentication that its in a developer intended state instead of potentially just checking for data corruption in transit. please add gpg

FrederickZh commented on 2019-10-27 08:03

@kbabioch It's faster to download the tarball. You could put git clone --depth=1 in prepare() to accelerate it by a little but I guess then it's just simpler to use the tarball.

kbabioch commented on 2019-04-11 20:23

@FrederickZh: What is the benefit over the version tagged in GitHub? Git has also integrity protection.

I wanted to stay in sync with the libfido2-git package as much as possible, so I rather not change it, unless you have a good argument for it ;-).

FrederickZh commented on 2019-04-11 04:54

They actually have got a release page with tarballs and even signatures for download: https://developers.yubico.com/libfido2/Releases/

I reckon as it's not a git package it'd be better to pull the source from the link above?