Re: [webauthn] Authnr sel aaguidlist

Response to https://github.com/w3c/webauthn/pull/479#issuecomment-305259394:

I am not aware of any webauthn authenticators today.  I am aware of UAF and U2F authenticator.
UAF authenticators use a slightly different notion of a "model name" called AAID - and they implement that.
In U2F there is no equivalent of a model name, the closest thing to it is the list of attestationCertificateKeyIdentifiers.

In UAF the RP is able to influence Authenticator selection for "makeCredential" based on the AAID (and other criteria).  The authenticator selection based AAID can be used to support arbitrary criteria to be implemented by the RP - even without requiring dedicated support for the in the API.
For example: the RP could select authenticator for registration that meet some specific security certification etc.

I don't know how the RP could do that in U2F or in WebAuthentication - without this aaguidList approach.

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/479#issuecomment-308503445 using your GitHub account

Received on Wednesday, 14 June 2017 17:33:21 UTC