Re: [webauthn] Is it possible to fail the registration ceremony if a certain extension is not present? (#1487) from John Bradley via GitHub on 2020-09-28 (public-webauthn@w3.org from September 2020)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Mon, 28 Sep 2020 17:15:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-700168631-1601313326-sysbot+gh@w3.org>

The prf extension has been pulled out of level 2, so I recommend lobbying if you really want it.

We do have a enforce credprotect option.  where the platform won't make a credential if credprotect is not available on the authenticator.  

In principal prf should work for both resident and non resident credentials.   

It might not be unreasonable to have a similar flag so resident/discoverable slots are not taken up by credentials that won't be used.



-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1487#issuecomment-700168631 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 28 September 2020 17:15:29 UTC