W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2019

Re: [webauthn] add notion of "enterprise" attestation (#1147)

From: Emil Lundberg <emil@yubico.com>
Date: Mon, 28 Jan 2019 22:06:39 +0100
Message-ID: <CANMnvkzU2H11Mx_Gm40aGNc1K9o-rEF4mhP-sktYiaHP9wszPg@mail.gmail.com>
To: Jeff Hodges <jdhodges@google.com>
Cc: Christiaan Brand <cbrand@google.com>, Emil Lundberg via GitHub <sysbot+gh@w3.org>, W3C Web Authn WG <public-webauthn@w3.org>
Yeah - so far all I've heard is to the effect of "it might turn out to be
useful sometime, someday" :)


On Mon, 28 Jan 2019, 19:09 Jeff Hodges, <jdhodges@google.com> wrote:

> On Mon, Jan 28, 2019 at 2:58 AM Emil Lundberg via GitHub <sysbot+gh@w3.org>
> wrote:
>> Yes, of course - what I meant to ask is what would be a concrete use case
>> for that capability? In what circumstance would an RP need to know the
>> identity of an authenticator _before_ registering a credential with it
>> (after which it can be identified by the credential ID)?
> My understanding from my colleagues is the answer to this is essentially:
> in an enterprise environment, for authnr inventory control, etc.
> If that answer is incorrect or insufficient the perhaps @Christiaan Brand
> <cbrand@google.com> ought to reply....

Emil Lundberg

Software Developer | Yubico <http://www.yubico.com/>
Received on Monday, 28 January 2019 21:07:13 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:36 UTC