W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

[webauthn] First factor authentication selection

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Thu, 12 Oct 2017 03:25:08 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-264802402-1507778693-sysbot+gh@w3.org>
Kieun has just created a new issue for https://github.com/w3c/webauthn:

== First factor authentication selection ==
Depending on the use cases of RP, some RP may only allow **first factor authenticators**. For this, there should be a certain parameter to set this option for create() function. 
Do we have such parameters or options?
If there is no such thing, the RP allowing first factor authenticator only should reject the attestation generated by a second factor authenticator by getting authenticator characteristics from meta data.
As a result, RP declines registration after the user confirms authenticator registration to the RP.
This is bad user experience.
So, we need to add something to _MakePublicKeyCredentialOptions_ to provide better UX.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/640 using your GitHub account
Received on Thursday, 12 October 2017 03:24:57 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC