W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Thu, 28 Jun 2018 09:30:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-400973330-1530178200-sysbot+gh@w3.org>
I would recommend pairing such a flag (if we should end up supporting it) with the ability of an authenticator to express support for non-exportable/non-migratable keys in the attestation statement (e.g. similar to never exportable flag in PKCS#11 - but with crptographic assertion on it).
With that RPs interested in the security aspect have an assertion stating whether or not the key is exportable.

GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/969#issuecomment-400973330 using your GitHub account
Received on Thursday, 28 June 2018 09:30:50 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC