- From: Ivan Kupalov via GitHub <sysbot+gh@w3.org>
- Date: Thu, 20 Sep 2018 06:17:33 +0000
- To: public-webauthn@w3.org
Honestly, I don't think that it is the solution, it is rather a workaround. It doesn't solve the problem "how do I share the key between web authentication and the app" but instead it shares the whole login through proprietary third-party system. I think such a decision will hurt federated nature of the web and will slow down Webauthn adoption significantly. Another workaround is apps like "yubico authenticator" which shouldn't really exist if Webauthn is adopted. May it be implemented as an extension? u2f has this and it should be possible to tell hardware key "yes, we want to generate the same key in this case". This capability totally makes sense to me and it is already implemented by some hardware so I see no reason why it should be completely ignored. -- GitHub Notification of comment by charlag Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1045#issuecomment-423053522 using your GitHub account
Received on Thursday, 20 September 2018 06:17:35 UTC