Also there's direct boarding from the BA lounge which is (a) very civilised (b) the kind of thing you can only really do if you have so few flights a day you always use the same gate
Hello! Due to last minute circumstances I have a spare ticket to @emf including train tickets from/to Paddington (leaving Thursday morning, returning Monday afternoon). Hit me up on Signal if you're interested, no charge but if you insist then I'll take a donation to a worthy cause
@offby1 Afraid not, given I work for what's arguably a competitor! I've heard that the waitlist clears fairly quickly these days if you're actually in SF
One of Apple's design choices around hardware-backed keys stored in the secure enclave is that they can only be used by the app that generated them - so a key generated by (eg) Chrome for WebAuthn purposes can't be used by (eg) Safari. We have a command-line tool for obtaining auth tokens from Okta that has to handle MFA, so the past few weeks have involved me figuring out enough of Okta's MFA enrollment flow to add support to it so users can use TouchID to auth from the CLI.
Except that's not quite what I did! The actual TouchID side of things is actually handled by our SSH agent, and the CLI tool talks to it. Why? Well, firstly it's already storing keys in the secure enclave for hardware-backed SSH certificates. And secondly it means things work over SSH agent forwarding! Users can now SSH to a remote system, request a set of tokens there, and have the MFA challenge tunneled back to their local system, satisfy it with TouchID auth, and receive their tokens.
@leo Yeah what would make more sense is not tunneling USB but instead having a fake USB device on the remote machine that tunnels the webauthn request over SSH agent (since I already have code for the latter half of his)
I'm still curious whether the Free Software Definition's choice to require the ability to use free software for any purpose is entirely deliberate - is there any writing on why free software must permit being used to restrict people's ability to exercise the four freedoms?
(I agree with the argument that it would be extremely difficult to write a license that enshrined this without restricting legitimate use cases, but if someone were able to do so, /should/ it be free software?)