My local citizen card / egovernment system allows me to use FIDO2 tokens as a second factor.
But it is required that the FIDO2 token is at least Level2 certified. As far as I know the current Onlykey does not have Level2 certification so it won’t let me add it.
According to this overview Level2 certification seems possible:
Mainly Level2 implementations can’t be software only and have to support attestation.
Could you add this feature? Is this “just” a matter of preparing and applying including paying the 7500 USD certification fee? Or are there technical roadblocks why Onlykey couldn’t get this certification?
There are several factors, its not really that the OnlyKey does not meet L2 requirements the certification costs and effort increase with each level. Currently I am not aware of many applications that require L2 certification, there would need to be a cost/benefit to pursuing L2 certification.