Re: [webauthn] How "preferred" is a "preferred" resident key (#1463) from John Bradley via GitHub on 2020-07-31 (public-webauthn@w3.org from July 2020)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Fri, 31 Jul 2020 22:17:51 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-667409539-1596233870-sysbot+gh@w3.org>

Interesting I was under the impression that you needed some sort of UV on the phone to use the hardware backed keys.  
I guess I have never set up a Android phone without a pin or biometric.

The spec would allow you to make a rk credential in that case on the platform, the problem becomes a UI one because you cant disclose the name/ displayname without UV so would have a hard time with a pick list unless the user sets up a PIN. Unless you special case the display list from inside the authenticator vs the platform.

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1463#issuecomment-667409539 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 31 July 2020 22:17:53 UTC