The Right Kind of Secure

Apple announces support for the WebAuthn standard in an upcoming macOS version, and Mike Peterson is still somewhat undecided about how to promote the many advantages of passkeys without contradiction:

Also, passkeys can be backed up to iCloud and synced across your iPhone, iPad, and Mac devices in an end-to-end encrypted fashion. [...]

Passkeys also can't be phished or stolen in a data breach as easily as passwords can. Because they're stored on your device instead of a web server, they're much more resistant to data breaches.

In sharp contrast to Mr. Peterson's trust in iCloud stands the Debian community's perspective on the handling of PGP primary keys:

You should keep your private primary key very, very safe. However, keeping all your keys extremely safe is inconvenient: every time you need to sign a new package upload, you need to copy the packages onto suitable portable media, go into your sub-basement, prove to the armed guards that you're you by using several methods of biometric and other identification, go through a deadly maze, feed the guard dogs the right kind of meat, and then finally open the safe, get out the signing laptop, and sign the packages. Then do the reverse to get back up to your Internet connection for uploading the packages.