[webauthn] First factor authentication selection from Ki-Eun Shin via GitHub on 2017-10-12 (public-webauthn@w3.org from October 2017)

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Thu, 12 Oct 2017 03:25:08 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-264802402-1507778693-sysbot+gh@w3.org>

Kieun has just created a new issue for https://github.com/w3c/webauthn:

== First factor authentication selection ==
Depending on the use cases of RP, some RP may only allow **first factor authenticators**. For this, there should be a certain parameter to set this option for create() function. 
Do we have such parameters or options?
If there is no such thing, the RP allowing first factor authenticator only should reject the attestation generated by a second factor authenticator by getting authenticator characteristics from meta data.
As a result, RP declines registration after the user confirms authenticator registration to the RP.
This is bad user experience.
So, we need to add something to _MakePublicKeyCredentialOptions_ to provide better UX.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/640 using your GitHub account

Received on Thursday, 12 October 2017 03:24:57 UTC