W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2019

Re: [webauthn] Enforce specific user verification methods (#1211)

From: Hidehito Gomi via GitHub <sysbot+gh@w3.org>
Date: Sat, 15 Jun 2019 07:42:12 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-502343807-1560584531-sysbot+gh@w3.org>
@Kieun @selfissued  It would be great if RPs can control the behaviors of authenticators for users by specifying a UVM used for authentication.

If an RP may have knowledge of a user's context, the RP can use the information to provide the user with better user experience on authentication.

For example, let's consider a case in which a user browses a recipe site while she is cooking. In this case, it is difficult for her to use the finger to sign in to the site.

If the RP knows this situation about her, it would like to specify "voice'' or "face'' as a UVM in the Authenticator Selection extension of an authn request (excluding the fingerprint UVM). This should contribute to better user experience for her than that of her selecting one among verification options.

-- 
GitHub Notification of comment by hgomi53
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1211#issuecomment-502343807 using your GitHub account
Received on Saturday, 15 June 2019 07:42:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:05 UTC