Re: [webauthn] Removing “lightning” from AuthenticatorTransport (#1294)

Looking back on the issue.

To be clear we are talking about "CTAP_over_MFi" not a physical lightning connector, though they typically go together.   To produce a non-bootleg lightning key you need lightning connectors and chips from Apple and be MFi certified.   Anyone doing that is probably going to support "CTAP_over_MFi" and CTAP over HID (Our normal interface for USB) over the physical lightning connector.   

Safari doesn't produce the transport hints it is the authenticator that provides them.  
I cant see any reason why Safari would care about the lightning hint as it can use the HID encapsulation to any key.   It would only look at the usb hint and ignore "lightning" or whatever it is called.  

Other browsers currently working on iOS 12 cant talk CTAP over the normal HID transport as tat is blocked by the OS.   Only if they receive a transport hint that tells them that the credential was created on an authenticator that can talk "CTAP_over_MFi" is it worth prompting the user to connect there authenticator.

For someone like Brave who is using WebAuthn this may improve the user experience.  
I think Google asked for it for similar reasons, with slartlock on iOS 12 it only makes sense to try the credentials that support BLE or "CTAP_over_MFi"

So removing the hint entirely will potentially have negative UI impacts on some WebAuthn clients and other applications doing CTAP2.   It will still work but perhaps not as nicely.
The hint has no relevance to Safari and should be ignored if received.  

We can change the string to anything.  We could change it to "yubicoMFi" for backwards MFi compatibility with pre iOS 13 devices.  Though then when other vendors do the same thing they would want to make a new string, I would prefer the string to be a bit generic, so that others can use it if we change the name.

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1294#issuecomment-573075919 using your GitHub account

Received on Friday, 10 January 2020 15:17:12 UTC