- From: binaryanomaly via GitHub <sysbot+gh@w3.org>
- Date: Fri, 20 Apr 2018 15:57:09 +0000
- To: public-webauthn@w3.org
Thanks @Kieun for the additional comment. That is broadly also my understanding. In addition there is also the device/authenticator side where afaik no standards are available. Means in order to achieve that, one needs to have a native application for each device OS, it cannot yet be done by the OSes themselves even if the functionality is quite generic. - For end-users this means they have to install an application for each website/service provider that wants to use that kind of authentication. - For the service providers to provide and maintain an application for each device OS. Having a standard functionality that is part of the OS would solve this. It would not have to do much more than receiving push messages, verify their authenticity, display a dialog, unlock the authenticator when biometric authentication is ok, sign payload and send to agreed destination. Mostly it's just another transport protocol with some extensions. This would enable n services to use PKI based biometrically supported 2-step verification without the need to install an application for each one and without the physical constraints of NFC, BLE, USB. -- GitHub Notification of comment by binaryanomaly Please view or discuss this issue at https://github.com/w3c/webauthn/issues/874#issuecomment-383141467 using your GitHub account
Received on Friday, 20 April 2018 15:57:10 UTC