a proof method using webauthn/passkeys from Nikos Fotiou on 2022-11-18 (public-credentials@w3.org from November 2022)

From: Nikos Fotiou <fotiou@aueb.gr>
Date: Fri, 18 Nov 2022 11:42:32 +0200
To: <public-credentials@w3.org>
Message-ID: <008f01d8fb32$14fc8660$3ef59320$@aueb.gr>

Hi all,

 

I would like to propose a new proof method and I would really love your
feedback. 

 

The proposed method targets cloud-based wallets and it enables proofs
generated by user-controlled devices using WebaAuthN/Passkeys. The idea is
very simple: the digest of a DID document/VC/VP is used as the WebAuthN
"challenge" (see this article by Yubico for more details
https://developers.yubico.com/WebAuthn/Concepts/Using_WebAuthn_for_Signing.h
tml)

 

I have created a demo page that emulates the functionality that should be
implemented by a cloud-based wallet https://excid-io.github.io/fido2-sign/
(source code https://github.com/excid-io/fido2-sign). A proof should then
include in addition to the signature, the "authenticatorData" and the
base64url encoded "clientDataJSON". The demo has been tested with
Edge/Chrome on windows with yubikey, Safari on iOS 16/MacOS Ventura
(passkey), and it fails with Firefox. 

 

Best,

Nikos

 

Nikos Fotiou -  <https://www.fotiou.gr> https://www.fotiou.gr

Researcher - Mobile Multimedia Laboratory

Athens University of Economics and Business

 <https://mm.aueb.gr/> https://mm.aueb.gr

Attachments

application/pkcs7-signature attachment: smime.p7s

Received on Friday, 18 November 2022 09:42:48 UTC