Thanks for the information. I never thought there was some kind of insecurity. Now I really thought about this question.
1 Like
You’re quite right, I wasn’t thinking about II when I wrote that. In that case, you and I could meet at a location, and you could watch as I register your Yubikey to the II account, and then delete all of the other keys. You now own it completely. It would also work for transferring a neuron within the account, because there would then be a forced window during which you can safely confirm that you have complete control of the set of authentication keys.
2 Likes
I am really interested in this idea of setting up an II + neuron and then formally transferring ownership to someone. I think this could be an exellent way to lower the barrier to entry and attract new people to the ecosystem.
It seems like this would need to be done with hardware (unless i am missing something) leaving the Yubikey route. I would love to know if this will later include other vendors or standards, like OpenPGP.
1 Like
Oh god no. We tried this and it has become a bit of a nightmare. The lawyers got reallly really mad. 
1 Like
This is intentionally not offered as an option by Dfinity for a variety of reasons. It is briefly discussed in the tokenomics white paper and in the governance code.