- From: Dain Nilsson via GitHub <sysbot+gh@w3.org>
- Date: Wed, 03 Jun 2020 13:16:37 +0000
- To: public-webauthn@w3.org
Another point on the usage of "clone" Authenticators: That approach introduces some security issues that we've explicitly attempted to eliminate with this proposal. If you have a single Authenticator, how can you be sure that there isn't a clone of it somewhere that you don't know about? Maybe it originally came as part of a "2-pack", but one Authenticator was re-packaged individually for you (the other held on to by an adversary). Or, since we envision the Backup Authenticator being stored in a "secure location" and not used day-to-day, how can you discover if someone still manages to steal it? We wanted to make it impossible to covertly use a "spare key" to access your accounts. This is why we A) make it explicit to the user when a backup credential is registered, and B) disable the "lost" credential when recovery is performed.

--
GitHub Notification of comment by dainnilsson
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1425#issuecomment-638190062 using your GitHub account
Received on Wednesday, 3 June 2020 13:16:40 UTC
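As an added illustration of points (A) and (B) in the message above (example code written for this page, not from the WebAuthn specification, the PR, or its author), a hypothetical relying-party bookkeeping model for one account: registering a backup is recorded as a user-visible event, the backup cannot sign in day-to-day, and recovery disables the lost primary so a clone or stolen spare cannot be used covertly afterwards. The class and method names and the single-account store are assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Credential:
    cred_id: str
    usable: bool = True                 # may be used to sign in right now
    backup_for: Optional[str] = None    # id of the primary this backup can recover


class CredentialStore:
    """Hypothetical relying-party bookkeeping for a single user account."""

    def __init__(self) -> None:
        self.creds: dict[str, Credential] = {}
        self.notices: list[str] = []    # user-visible events (constructed here)

    def register_primary(self, cred_id: str) -> None:
        self.creds[cred_id] = Credential(cred_id)

    def register_backup(self, primary_id: str, backup_id: str) -> None:
        # (A) backup registration is explicit: only an active primary can add
        # one, the user is notified, and the backup is not usable day-to-day.
        primary = self.creds.get(primary_id)
        if primary is None or not primary.usable:
            raise ValueError("backup must be registered from an active primary")
        self.creds[backup_id] = Credential(backup_id, usable=False, backup_for=primary_id)
        self.notices.append(f"backup credential {backup_id} registered for {primary_id}")

    def authenticate(self, cred_id: str) -> bool:
        # A disabled primary or a not-yet-recovered backup is rejected.
        cred = self.creds.get(cred_id)
        return cred is not None and cred.usable

    def recover(self, backup_id: str) -> str:
        # (B) recovery promotes the backup and disables the lost primary, so a
        # clone of the old primary stops working the moment recovery happens.
        backup = self.creds.get(backup_id)
        if backup is None or backup.backup_for is None:
            raise ValueError("not a registered, unused backup credential")
        lost = self.creds[backup.backup_for]
        lost.usable = False
        backup.usable = True
        backup.backup_for = None        # a backup can recover only once
        self.notices.append(f"recovered with {backup_id}; {lost.cred_id} disabled")
        return lost.cred_id
```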