W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2019

Re: [webauthn] Provide a tutorial on creating Authenticators (#1157)

From: KOLANICH via GitHub <sysbot+gh@w3.org>
Date: Sun, 10 Feb 2019 14:33:57 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-462137754-1549809236-sysbot+gh@w3.org>
>People have made plugins for FireFox, and Chrome to intercept WebAutn calls and redirect them to propriatary authenticators.

Yes, I saw these WebExtensions, just injecting/hooking API into a webpage, it doesn't feel like the right way to implement them.

>You need to look at the CTAP2 specification for authenticators.

That spec is for USB and BlueTooth, but I wanna implement a pure software authenticator.

In other words: I don't want to buy any hardware devices, I don't want to use the stuff implemented in OS (SafetyNet is incompatible for libre hardware and software, it's a shame that w3c promotes it), all of these are completely unsuitable for me and lot of people, I want to implement a pure software authenticator with the security guarantees slightly better than a password manager. I guess there should be some interface, so I register a native library in the system, for example in the similar way it is done to OpenCL ICDs (a file is created in a predefined folder, then the loader looks at that folder, read paths to native libs from each file and loads the selected lib).



-- 
GitHub Notification of comment by KOLANICH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1157#issuecomment-462137754 using your GitHub account
Received on Sunday, 10 February 2019 14:33:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:02 UTC