- From: Shane Weeden via GitHub <sysbot+gh@w3.org>
- Date: Mon, 09 Jul 2018 00:55:48 +0000
- To: public-webauthn@w3.org
sbweeden has just created a new issue for https://github.com/w3c/webauthn: == Requesting ability to detect if there is an authenticator available which is capable of resident key credential == As a relying-party developer, I would like to be able to detect (before sending a navigator.credentials.create request) if there is an authenticator available that can accept and act on the "requireResidentKey": true authenticatorSelection criteria. The reason for this is that such an authenticator may be used to support username-less authentication and is in may scenarios more desirable than registering for just 2nd-factor purposes using a derived credential (since such a registration can also be used for step-up or 2nd factor authentication as well). Without a discovery API to detect this (and potentially other properties of available authenticators), the RP must first try to register with requireResidentKey: true, and if that fails, fallback to 2nd-factor. This has undesirable user experience issues. The isUserVerifyingPlatformAuthenticatorAvailable is close, but does not cater for portable keys that support requireResidentKey: true. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/987 using your GitHub account
Received on Monday, 9 July 2018 00:55:51 UTC