Re: mixed U2F and WebAuthn

On Thu, Jul 18, 2019 at 2:55 PM Marius Scurtescu <
marius.scurtescu@coinbase.com> wrote:

> When the AppID extension is used in order to support legacy U2F registered
> authenticators, can the allowCredentials array (part ofl
> navigator.credentials.get) contain a mix of U2F and WebAuthn registered
> keys?
>

Yes.

Reading the "Client extension processing" of "10.1. FIDO AppID Extension
> (appid)" that seems to be the case with the retry in step 5, but the note
> at the end states that "several implementations do not implement steps four
> and onward". Making sure the note refers only to FacetID and that the rest
> of step 5 is actually implemented?
>

 It refers to the algorithm here
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-appid-and-facets-v2.0-id-20180227.html#determining-if-a-caller-s-facetid-is-authorized-for-an-appid>,
i.e. the more complex FacetID processing.


Cheers

AGL

Received on Thursday, 18 July 2019 22:56:25 UTC