W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2020

Re: [webauthn] How "preferred" is a "preferred" resident key (#1463)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Fri, 31 Jul 2020 21:40:16 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-667390327-1596231615-sysbot+gh@w3.org>
Platform authenticators on phones always have UV so you must be talking about roaming authenticators.

If there is no pin or uv provisioned then you can make with rk=true and it will work.   That is basically the same as uv preferred logic.   I think the only change with i) is that you want to treat uv as required if the platform can guide the user to set a pin or uv.

If CTAP2 is not supported or it is a U2F key then you have to make a rk=false credential.

Another question to consider. 
If preferred and credential storage is full should the platform try it as rk=true and if it gets a error retry rk=false?.





-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1463#issuecomment-667390327 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 31 July 2020 21:40:17 UTC

This archive was generated by hypermail 2.4.0 : Friday, 31 July 2020 21:40:18 UTC