W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2019

Re: webauthn post on NANOG

From: Christiaan Brand <cbrand@google.com>
Date: Mon, 25 Mar 2019 08:46:46 -0700
Message-ID: <CAE1XR1mLhzdBzvJ+PHeKrn__sA_A-vbn4fhrcH4sYeofe_VRdg@mail.gmail.com>
To: Samuel Weiler <weiler@w3.org>
Cc: Anthony Nadalin <tonynad@microsoft.com>, W3C Web Authn WG <public-webauthn@w3.org>
> But we don't want to discourage,
oh say, Epicurious to implement webauthn to get to my super-secret recipe
because they don't think people will buy id dongles.

I think the point is being missed here. The presence of hardware in
webauthn/fido is not because we think it’s necessarily better than
software. It’s because it’s removable and can travel with you to new
devices. That’s much harder to do with on-device software solutions without
resorting to some sort of syncing, which in many cases relegates your 2fa
solution to 1fa again.

Feel free to send this on to the OP.


On Mon, Mar 25, 2019 at 08:37 Samuel Weiler <weiler@w3.org> wrote:

> On Mon, 25 Mar 2019, Anthony Nadalin wrote:
> > Just wondering what you want us to do here as there is no real
> > information in this this message relative to WebAuthn
> I wanted members of the WG to be aware of it in case the discussion
> ran off somewhere - some of you might have wanted to weigh in.  Given
> that the thread died on the vine, there is no immediate action item.
> Emil pointed out the already-open related issue.
> -- Sam
Received on Monday, 25 March 2019 15:47:20 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:03 UTC