Re: [webauthn] Add to sec cons a brief discussion of the sec properties accrued by authnr & client platform proximity (#1257)

I'm definitely curious to hear if folks feel that proximity _is_ a factor that provides phishing resistance properties. I've heard that reasoning more than once, but I'm not sure I understand the claim.

The architecture @emlun describes above is definitely vulnerable to phishing. I would assume that, in the case of a network-based transport, the WebAuthn client would still be required to do the domain checking that it does with the other transports. In my mind the browser would still act as the client in such a case, rather than push notifications being triggered by the RP.

Concerns about phishing can be mitigated by some sort of channel binding between the browser and the authenticator, or by placing trust in the cloud service that manages the push notifications. Both approaches have their own advantages and drawbacks.

-- 
GitHub Notification of comment by nickmooney
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1257#issuecomment-511029323 using your GitHub account

Received on Friday, 12 July 2019 20:51:35 UTC
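The comment above relies on the WebAuthn client's domain check surviving whatever transport is used, and on the RP verifying the origin and RP ID bindings in what it receives. As an added illustration (this is not code from the commenter, the thread, or the WebAuthn project), the following Python sketches both halves: the client-side test that the calling origin is scoped by the requested RP ID, and the RP-side check that `clientDataJSON.origin` and the `rpIdHash` in the authenticator data match what the RP expects. The registrable-domain-suffix test is simplified (it does not consult the public suffix list, which a real client must), the `build_client_data` and `make_auth_data` helpers are constructed samples, and signature verification is deliberately left out since it needs the credential public key.

```python
import hashlib
import json
from urllib.parse import urlsplit


def is_registrable_domain_suffix(rp_id: str, effective_domain: str) -> bool:
    """Simplified form of the spec's 'is a registrable domain suffix of or is
    equal to' rule. A real client also consults the public suffix list so that
    an RP ID like "co.uk" is refused; here we only require at least one dot,
    which is an assumption made for this example."""
    if rp_id == effective_domain:
        return True
    return "." in rp_id and effective_domain.endswith("." + rp_id)


def client_accepts_rp_id(caller_origin: str, rp_id: str) -> bool:
    """Client-side domain check: the caller must be an https origin whose host
    is scoped by rp_id. Transport (USB, BLE, NFC or a network push) does not
    change this check; a phishing host on another domain fails it."""
    parts = urlsplit(caller_origin)
    if parts.scheme != "https" or not parts.hostname:
        return False
    return is_registrable_domain_suffix(rp_id.lower(), parts.hostname.lower())


def build_client_data(challenge_b64url: str, origin: str) -> bytes:
    """Constructed sample of the clientDataJSON a client serializes for a
    navigator.credentials.get() call; the authenticator signs its hash."""
    return json.dumps({
        "type": "webauthn.get",
        "challenge": challenge_b64url,
        "origin": origin,
        "crossOrigin": False,
    }).encode()


def make_auth_data(rp_id: str) -> bytes:
    """Constructed authenticator data: rpIdHash || flags (UP set) || signCount."""
    return hashlib.sha256(rp_id.encode()).digest() + b"\x01" + b"\x00\x00\x00\x01"


def rp_checks_binding(client_data: bytes, authenticator_data: bytes,
                      expected_origin: str, rp_id: str) -> bool:
    """RP-side verification of the origin and RP ID bindings from the spec's
    assertion verification steps (signature check omitted here)."""
    try:
        cd = json.loads(client_data)
    except ValueError:
        return False
    if cd.get("type") != "webauthn.get":
        return False
    if cd.get("origin") != expected_origin:
        return False
    rp_id_hash = hashlib.sha256(rp_id.encode()).digest()
    # authenticator data is at least rpIdHash(32) + flags(1) + signCount(4)
    return len(authenticator_data) >= 37 and authenticator_data[:32] == rp_id_hash


if __name__ == "__main__":
    # Legitimate login page under the RP ID passes the client check; a
    # look-alike host on a different registrable domain does not.
    print(client_accepts_rp_id("https://login.example.com", "example.com"))
    print(client_accepts_rp_id("https://example.com.evil.test", "example.com"))
```

Two things the RP check makes visible: an assertion whose clientDataJSON carries a different origin is rejected even if the rpIdHash is right, and an assertion produced under a different RP ID is rejected by the hash comparison even if the origin field were forged. Neither check depends on the authenticator being physically near the client, which is the point the comment makes about proximity.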