W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2017

[webauthn] Add keyStorage enum to ScopedCredentialOptions

From: Angelo Liao via GitHub <sysbot+gh@w3.org>
Date: Tue, 28 Feb 2017 21:35:05 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-210908308-1488317703-sysbot+gh@w3.org>
AngeloKai has just created a new issue for 
https://github.com/w3c/webauthn:

== Add keyStorage enum to ScopedCredentialOptions ==
Authenticators with cross-platform roaming capability may or may not 
store key materials within the authenticator boundary. If an 
authenticator doesn't store key material, the RP needs to do 
additional actions of storing keys. Additionally, in our current spec,
 getAssertion call can be initiated by only providing RP ID and that 
means the call isn't initiated with any key material at all. 

Therefore, I propose we add a new enum called keyStorage to the 
options dictionary, with two values: "client" and "server". If the 
former value is supplied, the authenticator must store key material. 
If the latter value is supplied, the authenticator won't store any 
value at all and the server will take care of storing the key 
materials. If no value is supplied, that means the RP doesn't care 
about storage and is ok with this cornercase. 

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/367 using your GitHub account
Received on Tuesday, 28 February 2017 21:35:11 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC