Switch from python-u2flib-host to python-fido2

[SaswatPadhi]

The problem you're addressing (if any)
The python-u2flib-host project page says that it has been superseded by python-fido2.

Where is the value to a user, and who might that user be?
Issue #5400 reports that Google Titan U2F keys were not recognized by Qubes. I have had similar experience with OnlyKey. The solution in both cases was a patch that adds a new device to the python-u2flib-host library, but qubes-python-u2flib-host still seems to be using the 3.0.3 release (from > 1.5 years ago).

Since python-fido2 is still in beta stage, as the authors warn on the project page, may be qubes-python-u2flib-host could use the latest python-u2flib-host sources for the time being and switch to python-fido2 once it's stable?

[SaswatPadhi]

python-fido2 is stable now. The 1.0.0 version was released recently:

https://github.com/Yubico/python-fido2/releases/tag/1.0.0

[DemiMarie]

Now that python-fido2 is stable, it is definitely time to implement this.

[ctr49]

as far as I can tell it is just a drop-in replacement. changing
import u2flib_host.u2f to import fido2
worked out of the box for me (using qu2f-proxy)

[piotrbartman]

as far as I can tell it is just a drop-in replacement. changing import u2flib_host.u2f to import fido2 worked out of the box for me (using qu2f-proxy)

@ctr49 First, thank you for your contribution! but we want full support here for fido2 devices (such as ClientPIN).

[ctr49]

Fair point - nevertheless u2flib_host.u2f is deprecated and using fido2 instead of it doesn't break anything while allowing platforms to use it that don't have access to the deprecated library (in my case: Gentoo - see fepitre/qubes-gentoo#15). So you may want to consider creating a small maintenance release (1.2.11?) with python-fido2 and t-pa's #29 and then go for full scale fido2 support in a 1.3 version.