W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] No way to select an intended authenticator during authentication with attachment info

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Tue, 03 Oct 2017 12:55:12 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-333832483-1507035299-sysbot+gh@w3.org>
Some authenticators can be platform(bound) or cross-platform(roaming) authenticators depending on their characteristics. And some of platform authenticators can be cross-platform authenticators at the same time. 
Also, the user may register multiple authenticators and the RP wants to select the specific authenticator which has user verification method in some context such as money transfer case.
In this case, the RP allows some sort of authenticators for registration but not for authentication.
Anyway, according to the current spec, there is no way to set authenticator selection criteria for the authentication. Although, the spec says authenticatorSelection member is for create() or get() operation.
Followings are described in the Section 4.4

> authenticatorSelection, of type AuthenticatorSelectionCriteria
This member is intended for use by Relying Parties that wish to select the appropriate authenticators to participate in the create() or get() operation.

At least, if we decide not to provide authenticatorSelection for get() operation, above description should be modified.

-- 
GitHub Notification of comment by Kieun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/583#issuecomment-333832483 using your GitHub account
Received on Tuesday, 3 October 2017 12:55:02 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC