Re: [webauthn] No way to select an intended authenticator during authentication with attachment info

Some authenticators can be platform(bound) or cross-platform(roaming) authenticators depending on their characteristics. And some of platform authenticators can be cross-platform authenticators at the same time. 
Also, the user may register multiple authenticators and the RP wants to select the specific authenticator which has user verification method in some context such as money transfer case.
In this case, the RP allows some sort of authenticators for registration but not for authentication.
Anyway, according to the current spec, there is no way to set authenticator selection criteria for the authentication. Although, the spec says authenticatorSelection member is for create() or get() operation.
Followings are described in the Section 4.4

> authenticatorSelection, of type AuthenticatorSelectionCriteria
This member is intended for use by Relying Parties that wish to select the appropriate authenticators to participate in the create() or get() operation.

At least, if we decide not to provide authenticatorSelection for get() operation, above description should be modified.

GitHub Notification of comment by Kieun
Please view or discuss this issue at using your GitHub account

Received on Tuesday, 3 October 2017 12:55:02 UTC