- From: John Bradley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 09 Aug 2019 21:14:02 +0000
- To: public-webauthn@w3.org
Again there is a way to provide the attachment modes for a given authenticator. In WebAuthn level 2 there is a API way to get the attachment of a given credential even if you are not getting a attestation. There are good reasons for getting attestations bit that is another discussion. Given the only mobile OS with a platform authenticator is Android and that is still a bit broken for Resident credentials you can't be doing a get credential without an allow list, so can send the attachment for the credentialID. So what is it that you think you don't like or won't work? Let's talk specifically about Android. Is it the browser UI or calling the WebAuthn API from an app that is your issue? I think your goal is probably to have the platform authenticator that is in GMS work well for you. We should focus on that rater than jumping to the conclusion that an extra RP parameter is the best option. John B. On Fri, Aug 9, 2019, 4:53 PM Ki-Eun Shin <notifications@github.com> wrote: > @arshadnoor <https://github.com/arshadnoor> do you think I was asking > customizing the spec for our own use cases? > We are willing to support universal authentications if there is and we are > going to try to make that one. > This is just real problems for RPs having mobile based users. We cannot > say to our users to buy external authenticators and we cannot explain what > FIDO2/WebAuthn is in a very limited small screen. If they have external > ones, they can use it. And, we are going to support them. > > And, this issue is basically raised because of the adoption challenges and > the technical soundness. > Current spec does have a way for RP to set authenticator attachment during > registration but there is not for authentication. > Still, RP can allow platform only, external authenticators only or both. > If we are saying about the ecosystem and disallow such RPs' specific > approaches (In fact, I don't agree), we should not provide such option for > registration as well. > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <https://github.com/w3c/webauthn/issues/1267?email_source=notifications&email_token=AAAPQJY5HIVFZ4JQPLIHCQLQDXKL3A5CNFSM4IIDYLYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD37XYHQ#issuecomment-520059934>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AAAPQJ2HN5YZ7TE37JU2LVDQDXKL3ANCNFSM4IIDYLYA> > . > -- GitHub Notification of comment by ve7jtb Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1267#issuecomment-520065542 using your GitHub account
Received on Friday, 9 August 2019 21:14:04 UTC