W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Thu, 28 Jun 2018 09:30:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-400973330-1530178200-sysbot+gh@w3.org>
I would recommend pairing such a flag (if we should end up supporting it) with the ability of an authenticator to express support for non-exportable/non-migratable keys in the attestation statement (e.g. similar to never exportable flag in PKCS#11 - but with crptographic assertion on it).
With that RPs interested in the security aspect have an assertion stating whether or not the key is exportable.

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/969#issuecomment-400973330 using your GitHub account
Received on Thursday, 28 June 2018 09:30:50 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC