W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2019

Re: [webauthn] Provide a tutorial on creating Authenticators (#1157)

From: KOLANICH via GitHub <sysbot+gh@w3.org>
Date: Sun, 10 Feb 2019 14:33:57 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-462137754-1549809236-sysbot+gh@w3.org>
>People have made plugins for FireFox, and Chrome to intercept WebAutn calls and redirect them to propriatary authenticators.

Yes, I saw these WebExtensions, just injecting/hooking API into a webpage, it doesn't feel like the right way to implement them.

>You need to look at the CTAP2 specification for authenticators.

That spec is for USB and BlueTooth, but I wanna implement a pure software authenticator.

In other words: I don't want to buy any hardware devices, I don't want to use the stuff implemented in OS (SafetyNet is incompatible for libre hardware and software, it's a shame that w3c promotes it), all of these are completely unsuitable for me and lot of people, I want to implement a pure software authenticator with the security guarantees slightly better than a password manager. I guess there should be some interface, so I register a native library in the system, for example in the similar way it is done to OpenCL ICDs (a file is created in a predefined folder, then the loader looks at that folder, read paths to native libs from each file and loads the selected lib).

GitHub Notification of comment by KOLANICH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1157#issuecomment-462137754 using your GitHub account
Received on Sunday, 10 February 2019 14:33:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:02 UTC