Depends what you mean by back channel.
If you mean SQRL Client <-> SQRL Server - Yes
If you mean Web Server <-> SQRL Server - No
At least that's how I understand it, but keep in mind I'm Mr. Newbie might build a python SQRL Server.
Thanks for clearing that up.
Umm err this is awkward. I'd never allow a paper copy of my password. I'd put it in keepass and share that file with my phone via syncthing or something like that.
It's a little disconcerting that my identity so easily displayed in all the web plugins & the...
tldr: How should I handle the security of the identity? Like an id_rsa or id_rsa.pub file(s)?
Is it just me or is there a key "Hey don't do this" is missing from the videos?
Am I supposed to keep the identity string (the big 87 character string) a secret? It seems like an id_rsa.pub file/key...
TLDR: If the SQRL client has to connect the SQRL server what port is that supposed to be? Is the SQRL Server supposed to be listening on 2 different ports at the same time, 1 for SQRL client connections and one for Web Server (private:55219) connections? What box in the image is the SSP...