W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2019

Re: [webauthn] Enforce specific user verification methods (#1211)

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Mon, 17 Jun 2019 10:51:37 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-502633821-1560768695-sysbot+gh@w3.org>
@emlun For UX point of view, RP really cares about such features, especially for mobile cases.
If we fully adopt WebAuthn for all authentication, it makes sense to leverage WebAuthn including such authenticator's fallback.
But, even we are adopting WebAuthn now, still we have fallbacks or alternative authentication methods since we all know that it takes time to replace old authentication (which is not secure and usable) with WebAuthn and there are cases where WebAuthn does not work.
The thing is that the client never know the RP's context without explicit information.

GitHub Notification of comment by Kieun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1211#issuecomment-502633821 using your GitHub account
Received on Monday, 17 June 2019 10:51:38 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:37 UTC