Re: [webauthn] RPs cannot show "You've Already Registered This Authenticator" Message from cpiper via GitHub on 2018-02-16 (public-webauthn@w3.org from February 2018)

From: cpiper via GitHub <sysbot+gh@w3.org>
Date: Fri, 16 Feb 2018 21:29:27 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-366363702-1518816567-sysbot+gh@w3.org>

Would sending a getAssertion request suffice? So, first a query to determine that the credential was previously registered, and if so, just send a getAssertion request. If there are multiple authenticators, and a user affirmatively touches a previously registered one, a getAssertion response would be received. In that case, it can be definitively be determined from the response that this was a previously registered authenticator. If a makeCredential response is received, then the authenticator is new to the RP.

-- 
GitHub Notification of comment by cpiper
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/806#issuecomment-366363702 using your GitHub account

Received on Friday, 16 February 2018 21:29:31 UTC