Re: [webauthn] Where is the code implementation for roaming authenticators? (#1221) from mduffy215 via GitHub on 2019-05-26 (public-webauthn@w3.org from May 2019)

From: mduffy215 via GitHub <sysbot+gh@w3.org>
Date: Sun, 26 May 2019 15:50:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-496010782-1558885800-sysbot+gh@w3.org>

I deleted my security key and tried to reattach it.  That process seemed to work (no errors).

However, now when I try to sign in I get the following message:

![try_different](https://user-images.githubusercontent.com/8658447/58383799-7b33d480-7fa0-11e9-8d39-c35d29670433.png)

I think there must be some sort of association on the server side that is problematic.  The first statement in the Network traffic from the Chrome Dev Tools is a challenge sent to https://accounts.google.com

**The main issue is not this specific example.  The main issue is the lack of a clear reference implementation implementation for roaming authenticators.**

I think the proponents of WebAuthn have done a disservice to the development community AND they failed to follow [W3C protocols](https://www.w3.org/participate/implementation). I think  WebAuthn would take off if there was a simple reference implementation that would allow a user's mobile phone to be a roaming authenticator. 

P.S.  If anyone from Google is reading this post, I am happy to go over to the Google offices here in Austin and help troubleshoot this issue.

-- 
GitHub Notification of comment by mduffy215
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1221#issuecomment-496010782 using your GitHub account

Received on Sunday, 26 May 2019 15:50:03 UTC