Yubico在生产YubiKey的时候会在插槽1放入一个OTP凭据,Yubico提供的凭据ID开头是“cc”,后期上传的凭据ID开头是“”。Yubico提供的OTP凭据是受信任的,后期上传的没有出厂自带的那么可信,因为在传输和保存的时候私钥可能会泄露。这是官方的说法:’‘ prefix credentials are not guaranteed to have the same availability as production ‘cc’ prefix credentials. Yubico reserves the right to revoke any ‘‘ prefix credential on the Yubico validation service (YubiCloud) at any time, for any reason, including if abuse is detected or if the credential is loaded onto a counterfeit YubiKey. (From Yubico AES Key Upload)