Max Goedjen

> BTW, I believe that @joaopenteado has looked into the actual technical feasibility of this again recently, and most lately has reached the conclusion that the attestation API is not...

Yep I did misunderstand then, thanks for clarifying 🙏

Just out of curiosity - are there any other attestable stores for SSH keys (yubikeys being the one that jumps to mind) that do this currently? Probably would be good...

I think the sone might be fixed by some of the changes in 2.3.0. Please let me know if you continue seeing this on that version!

@tmountjr /anyone else seeing this issue still: do you see any crash reports in `~/Library/Logs/DiagnosticReports` or `Console.app`? I don't have any leads on this issue right now, if the leave...

@PeterStaev my understanding from testing is that that's not _quite_ correct: that property (which is documented a little better here: https://developer.apple.com/documentation/localauthentication/lacontext/1622329-touchidauthenticationallowablere) is specific to "how long can the interval between...

@PeterStaev I think there may be some configuration difference in play here or something. I'm able to sign past 5 minutes with the steps you described: - Sign request with...

I do seem to be able to reproduce this with slightly longer intervals. Re-approving the context seems to be enough to "refresh" it within the unlock window though – so...

Experimenting with that here: https://github.com/maxgoedjen/secretive/blob/experimental_refresh/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift#L201-L212

That is FANTASTIC @fsouza, I'll give that a go in a bit, I've had absolutely no luck reproducing this consistently, really appreciate the detailed steps, thanks!