One of the benefits of using Software based Strong Authentication apps (e.g. RSA SecurID Software Tokens) is that if the device that is running the Token generation app is compromised or lost, the ID can be revoked from a centralized system and the end-user provisioned a new ID.
How is this addressed in FIDO UAF / FIDO U2F? Does the user has to individually go and revoke the FIDO enrollment from each service he / she is using to authenticate to using that FIDO device?
Aucun commentaire:
Enregistrer un commentaire