
Is FIDO authN vulnerable to relay attacks?

Çağlar Arlı      -    27 Views

In this question: Is FIDO2 authentication vulnerable to a social engineering replay attack?

it was answered that no, it is not vulnerable, because "the keypair used by the FIDO device to authenticate with the credential harvesting site would be different than the keypair used to authenticate with the legitimate site".

But what if the attacker is not a website, but rather just a man in the middle in the middle of the channel between client and server? So an attacker that just observes the traffic and, once the challenge response arrives from the client, cuts off the client, and now HE (the attacker) IS authenticated.