W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2019

Re: mixed U2F and WebAuthn

From: Adam Langley <agl@google.com>
Date: Thu, 18 Jul 2019 15:55:49 -0700
Message-ID: <CAL9PXLx=_uty2GTaSxJd0NQmgqNiG8SbMYPY6w7zVFB0RnTuvw@mail.gmail.com>
To: Marius Scurtescu <marius.scurtescu@coinbase.com>
Cc: W3C Web Authn WG <public-webauthn@w3.org>
On Thu, Jul 18, 2019 at 2:55 PM Marius Scurtescu <
marius.scurtescu@coinbase.com> wrote:

> When the AppID extension is used in order to support legacy U2F registered
> authenticators, can the allowCredentials array (part ofl
> navigator.credentials.get) contain a mix of U2F and WebAuthn registered
> keys?


Reading the "Client extension processing" of "10.1. FIDO AppID Extension
> (appid)" that seems to be the case with the retry in step 5, but the note
> at the end states that "several implementations do not implement steps four
> and onward". Making sure the note refers only to FacetID and that the rest
> of step 5 is actually implemented?

 It refers to the algorithm here
i.e. the more complex FacetID processing.


Received on Thursday, 18 July 2019 22:56:25 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:38:35 UTC