Comment by rockskon
13 hours ago
?
They can represent themselves as users just fine without extracting keys from the Secure Enclave. What are you talking about?
13 hours ago
?
They can represent themselves as users just fine without extracting keys from the Secure Enclave. What are you talking about?
Not sure who are "they" and where are they "representing themselves" in your question?
My point was that you can be protected as a user even without the "secure enclave": that's how GPG, SSH and HTTPS PKI works (a user has their own private key, and they are as safe as their key is). Leaking any one of those only impacts that single user, similar to someone stealing your phone and using your logged in accounts or even secure chips if they get your PIN or password (or biometrics) — if you even have it set up, which most people outside the tech bubble don't.
You might be misunderstanding some of the nuances I brought up: what are you talking about?