- From: Adam Langley <agl@google.com>
- Date: Thu, 25 Aug 2022 14:58:28 -0700
- To: public-webauthn-adoption@w3.org
- Message-ID: <CAL9PXLy6AWALpdmAMeQZiJnbQXcMxDa+gvTaEBQ7ahMFNvVz+A@mail.gmail.com>
Dear all, As part of a general effect to keep this group updated about WebAuthn-related changes in Chrome I'd like to mention a couple of changes coming in Chrome 105: Firstly, on macOS only, Chrome can get into a state where it doesn't have Bluetooth permission from the system, but nor will the system prompt the user to grant it. The phone as a security key feature would fail to work in this case, but without any obvious error. Chrome 105 will detect this case and ask the user to fix it. The UI will contain a button to open System Preferences at the correct location to do so. This prompt will not currently appear on macOS 13 because the new System Settings is still in flux. Secondly, Chrome 105 fixes a bug where it reported transports during create() based on incomplete information. This could lead to multi-transport authenticators (e.g. a USB+NFC security key) being registered with just USB listed as the transports. That credential might later be unusable over NFC because of this. Chrome 105 will no longer report incomplete transport lists, however this means that there are more cases when it will report an empty transports list at registration time, particularly on Windows where transport information is often lacking. Browsers may be less able to craft a precise UX without transport information about a credential. Cheers AGL
Received on Thursday, 25 August 2022 21:58:58 UTC