Re: [webauthn] Enforce specific user verification methods (#1211)

@Kieun @selfissued  It would be great if RPs can control the behaviors of authenticators for users by specifying a UVM used for authentication.

If an RP may have knowledge of a user's context, the RP can use the information to provide the user with better user experience on authentication.

For example, let's consider a case in which a user browses a recipe site while she is cooking. In this case, it is difficult for her to use the finger to sign in to the site.

If the RP knows this situation about her, it would like to specify "voice'' or "face'' as a UVM in the Authenticator Selection extension of an authn request (excluding the fingerprint UVM). This should contribute to better user experience for her than that of her selecting one among verification options.

GitHub Notification of comment by hgomi53
Please view or discuss this issue at using your GitHub account

Received on Saturday, 15 June 2019 07:42:14 UTC