W3C home > Mailing lists > Public > public-webauthn@w3.org > August 2018

Re: [webauthn] Using a smart phone as an authenticator with WebAuthn

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Mon, 27 Aug 2018 18:30:10 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-416322602-1535394604-sysbot+gh@w3.org>
@maranjavatraining --
> I am wondering is there any way to use a smart phone as an authenticator through WebAuthn...

Yes, see https://fidoalliance.org/fido-alliance-and-w3c-achieve-major-standards-milestone-in-global-effort-towards-simpler-stronger-authentication-on-the-web/ and note the reference to CTAP:

> ...  FIDO’s Client to Authenticator Protocol (CTAP) specification. CTAP enables an external authenticator, such as a security key or a mobile phone, to communicate strong authentication credentials locally over USB, Bluetooth or NFC to the user’s internet access device (PC or mobile phone).

The most recent publicly-available CTAP spec is here: https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-client-to-authenticator-protocol-v2.0-rd-20180702.html

see also: 
* https://cloudblogs.microsoft.com/enterprisemobility/2018/04/12/big-news-in-our-drive-to-eliminate-passwords-fido2-webauthn-reaches-candidate-recommendation-status/
* https://www.aboutchromebooks.com/news/chrome-os-and-chrome-getting-support-for-biometric-2fa-with-ctap2-standard/
* [Intent to Ship: WebAuthentication API](https://groups.google.com/a/chromium.org/d/msg/Blink-dev/o9RU6Vv0xeM/EGnQOExbAAAJ) 

GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1046#issuecomment-416322602 using your GitHub account
Received on Monday, 27 August 2018 18:30:11 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:54 UTC