- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Tue, 05 Jun 2018 18:33:20 +0000
- To: public-webauthn@w3.org
equalsJeffH has just created a new issue for https://github.com/w3c/webauthn: == Recovering from Device Loss == [submitting on behalf of @leshi & @arnar and their collaborator Alex Takakuwa <alextaka@uw.edu>] **https://lists.w3.org/Archives/Public/public-webauthn/2018May/0464.html:** Subject: Recovering from Device Loss in WebAuthn **From: Alex Takakuwa <alextaka@uw.edu>** To: public-webauthn@w3.org In April, we sent an email introducing some potential solutions to the problem of “Recovering from Device Loss in WebAuthn”. As you all know, in the current WebAuthn specifications, users face a potentially onerous process when migrating to new devices either because of device loss or just a device upgrade. We view this as a problem that can be solved while retaining all the security guarantees of the existing WebAuthn scheme and improving the usability of WebAuthn drastically all without changing the API. We would like to encourage members of the WebAuthn mailing lists to join us in developing proposals that can be accepted into the WebAuthn specifications to solve the problem of recovery from device loss and device upgrade. Our preliminary proposals are listed here: https://docs.google.com/document/d/1tRLbXYLb9Z65QqhOX7v9D-aq_RUODyn5oALpCXj46K8/edit?usp=sharing I look forward to hearing your feedback! ---- **see also:** Recovering from Device Loss in WebAuthn (Tue, 3 Apr 2018) https://lists.w3.org/Archives/Public/public-webauthn/2018Apr/0009.html The Transfer Access Protocol - Moving to New Authenticators in the FIDO Ecosystem Technical Report UW-CSE-17-06-01 https://www.cs.washington.edu/tr/2017/06/UW-CSE-17-06-01.pdf Secure authentication key sharing between mobile devices based on owner identity https://ieeexplore.ieee.org/abstract/document/8311436/ Please view or discuss this issue at https://github.com/w3c/webauthn/issues/931 using your GitHub account
Received on Tuesday, 5 June 2018 18:33:26 UTC