- From: Nico Caille via GitHub <sysbot+gh@w3.org>
- Date: Mon, 08 Jun 2020 15:54:01 +0000
- To: public-webauthn@w3.org
> If, in Chrome, you go to chrome://device-log and select “Debug” as the log level then you can see the underlying CTAP2 traffic to the security key. In this case, I'm guessing that there won't be any and that you've set a PIN on the security key. Since we can't create a credential over CTAP 2.0 without PINs, once one has been set, Chrome is falling back to the U2F protocol, which cannot handle anything but ECDSA. > My keys have PIN enabled but thanks now I have put `userVerification: 'preferred'` for the registration part, I confirm the credentials created are using EdDSA, and then the assertion for user login i maintain the `userVerification: 'discouraged'`. From a user experience, I think it would be better to allow for the use of EdDSA if available without requiring the PIN. Thanks for your help -- GitHub Notification of comment by nicocaille Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1437#issuecomment-640716450 using your GitHub account
Received on Monday, 8 June 2020 15:54:02 UTC