W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2020

Re: [webauthn] Add Yubico's proposed recovery extension (#1425)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Wed, 03 Jun 2020 18:53:22 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-638393919-1591210400-sysbot+gh@w3.org>
Cloning can work for non resident credentials.  

For resident/Discoverable ones it gets tricky especially if you want to support more than one credential per RPID on the authenticator.

If it is the manufacture that clones them the user needs to buy two new ones and re register at all the sites or they wont have a backup.

I personally think consumers should register two keys at Google, Apple , and Microsoft then just use federation.  But I understand that is not a popular opinion.

Trying to do individual account recovery across hundreds of RP is a nightmare no matter what we do.


-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1425#issuecomment-638393919 using your GitHub account
Received on Wednesday, 3 June 2020 18:53:25 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 3 June 2020 18:53:26 UTC