Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954) from Emil Lundberg via GitHub on 2019-02-04 (public-webauthn@w3.org from February 2019)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Mon, 04 Feb 2019 11:56:22 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-460222353-1549281381-sysbot+gh@w3.org>

Sorry, I don't know much about how UAF or CTAP device discovery works. Do I understand the [UAF architecture diagram][diag] correctly in that the _UAF protocol_ you mentioned is for communication between a client (app) and a server? In that case it seems to me like having the UAF protocol implemented won't help much in implementing an external WebAuthn authenticator. What you would need to do is find some way to map the CTAP2 API onto your API, and implement the Bluetooth and/or USB protocols in CTAP2. If you can do that (and I don't know if Android allow apps that much freedom in using Bluetooth/USB), it should work with laptop/desktop clients that support external CTAP2 authenticators. I don't think I can help much more than that.

[diag]: https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/img/fido-uaf-architecture.png

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/954#issuecomment-460222353 using your GitHub account

Received on Monday, 4 February 2019 11:56:23 UTC