Re: [webauthn] Clarify examples: 1.1.1. Registration / 1.1.2. Authentication

Thanks @Kieun for the additional comment. That is broadly also my understanding.

In addition, there is also the device/authenticator side, where afaik no standards are available. This means that in order to achieve that, one needs to have a native application for each device OS; it cannot yet be done by the OSes themselves, even if the functionality is quite generic.
- For end-users this means they have to install an application for each website/service provider that wants to use that kind of authentication.
- For the service providers it means providing and maintaining an application for each device OS.

Having a standard functionality that is part of the OS would solve this. It would not have to do much more than receive push messages, verify their authenticity, display a dialog, unlock the authenticator when biometric authentication is ok, sign the payload and send it to the agreed destination. Mostly it's just another transport protocol with some extensions.
This would enable n services to use PKI-based, biometrically supported 2-step verification without the need to install an application for each one and without the physical constraints of NFC, BLE, USB.

GitHub Notification of comment by binaryanomaly

Received on Friday, 20 April 2018 15:57:10 UTC
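
The push-based flow described in the comment above, sketched as an added example that is not part of the original message and not taken from any WebAuthn specification. The function names, message fields, the use of Ed25519, the 60-second lifetime and the `userVerified` flag (standing in for the dialog plus biometric unlock) are all assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed demo keys: the service signs pushes, the authenticator signs responses.
const service = crypto.generateKeyPairSync('ed25519');
const authenticator = crypto.generateKeyPairSync('ed25519');
const pending = new Map(); // challenge -> expiry (ms), state kept by the service

// Service side: issue a signed, short-lived challenge bound to one rpId.
function createPush(rpId, now = Date.now()) {
  const challenge = crypto.randomBytes(32).toString('hex');
  const expires = now + 60000;
  const body = JSON.stringify({ rpId, challenge, expires });
  pending.set(challenge, expires);
  return { body, sig: crypto.sign(null, Buffer.from(body), service.privateKey) };
}

// Device side: verify the push, ask the user, and only then sign.
function handlePush(push, trustedServiceKey, expectedRpId, userVerified, now = Date.now()) {
  if (!crypto.verify(null, Buffer.from(push.body), trustedServiceKey, push.sig)) {
    return { error: 'push not authentic' };
  }
  const { rpId, challenge, expires } = JSON.parse(push.body);
  if (rpId !== expectedRpId) return { error: 'unexpected rpId' };
  if (now > expires) return { error: 'push expired' };
  if (!userVerified) return { error: 'user declined' };
  const payload = JSON.stringify({ rpId, challenge, uv: true });
  return { payload, sig: crypto.sign(null, Buffer.from(payload), authenticator.privateKey) };
}

// Service side: accept a response once, and only for a live challenge.
function verifyResponse(resp, registeredKey, rpId, now = Date.now()) {
  if (!resp.payload || !resp.sig) return false;
  if (!crypto.verify(null, Buffer.from(resp.payload), registeredKey, resp.sig)) {
    return false;
  }
  const p = JSON.parse(resp.payload);
  const expiry = pending.get(p.challenge);
  pending.delete(p.challenge); // single use: a replayed response finds no challenge
  return p.rpId === rpId && p.uv === true && expiry !== undefined && now <= expiry;
}
```

The device refuses to sign unless the push verifies against a service key it already trusts, which is the "verify their authenticity" step; without it, any party able to deliver a push could prompt the user to approve a challenge.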