W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2019

[webauthn] No way to identify authenticator type whether is is platform or roaming if RP does not specify the type during registration (#1163)

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Fri, 22 Feb 2019 09:08:08 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-413307495-1550826487-sysbot+gh@w3.org>
Kieun has just created a new issue for https://github.com/w3c/webauthn:

== No way to identify authenticator type whether is is platform or roaming if RP does not specify the type during registration ==
If RP does not specify [AuthenticatorAttachment](https://w3c.github.io/webauthn/#enumdef-authenticatorattachment) during registration, depending on the devices or user preferences, user may register the platform authenticator or the roaming authenticator.

From the RP perspective, RP may refer the FIDO metadata with delivered aaguid. But, sometimes aaguid (e.g., non attestation conveyance preference) cannot identify specific authenticator so that RP cannot get the authenticator type.

To provide better UXs for authentication and authentication management, it's nice to deliver such information within the registration process.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1163 using your GitHub account
Received on Friday, 22 February 2019 09:08:10 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:02 UTC