Re: [webauthn] authenticator taxonomy from =JeffH via GitHub on 2017-04-25 (public-webauthn@w3.org from April 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Tue, 25 Apr 2017 22:15:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-297181142-1493158527-sysbot+gh@w3.org>

WRT the term "first-factor" -- it is one of those invented-during-a-meeting-while-in-a-rush things that was not carefully thought-through or researched prior to being employed. It turns out we perhaps ought to have simply referred to NIST SP800-63-2 and used "multi-factor authenticator".  [See S 6.1.1](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-2.pdf). 

Additionally, in NIST SP800-63-2 parlance, U2F security keys are termed "single-factor". 


-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/422#issuecomment-297181142 using your GitHub account

Received on Tuesday, 25 April 2017 22:15:34 UTC