[webauthn] Is there a community for webauthn implementation discussion?

junderw has just created a new issue for https://github.com/w3c/webauthn:

== Is there a community for webauthn implementation discussion? ==
I would like to discuss with other businesses that are testing / contemplating the UX surrounding webauthn support on their apps.

I have subscribed to the mailing list and here, but it feels like general discussions of this matter are off-topic for this repository.

While I have some eyeballs, one question I plan to ask fellow prospective implementations is how to deal with key loss. ie. with TOTP based 2FA backup codes exist, and many places encourage printing / storing securely these codes. What are people thinking on this topic?

One of our engineers said "encourage them to register all their devices. I doubt someone will lose their macbook, smartphone, home pc all at once" however, this assumes most of our users hold multiple devices that support webauthn.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1106 using your GitHub account

Received on Thursday, 25 October 2018 09:01:43 UTC