Re: [webauthn] Clarify how a user can authenticate from multiple devices (#151)

It's interesting how 6 months can make a difference; you may be in luck, Dylan (@knightcode).

With the [introduction](https://developer.apple.com/videos/play/wwdc2021/10106/) of Passkey by Apple, if the user has synchronized their FIDO key with iCloud, that key will now be available on all supported/registered Apple devices for passwordless FIDO authentication. It is still an early release and it remains to be seen how it will work out when finally released and as it matures.

Speaking for myself, I would not be comfortable trusting my encrypted private-key in the cloud - even if they are using cryptographic hardware modules to further protect it or get access to it - but, that's me. Most users might not care because they will get to use "true" passwordless authentication instead of the mirage they have currently with TouchID/FaceID being the checkpoint to a password (that can still be attacked in myriad ways).

The WebAuthn community [appears](https://github.com/w3c/webauthn/issues/1658) to be enamored of "syncable FIDO credentials" in the mold of Passkey. While I haven't parsed that thread, I think that while it will solve one problem it will likely give rise to others.

If you're unwilling to wait for Passkey/SyncableKeys to be a reality, the flow in this [posting](https://github.com/w3c/webauthn/issues/1656#issuecomment-889050199) might offer a path.

-- 
GitHub Notification of comment by arshadnoor
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/151#issuecomment-901290348 using your GitHub account


Received on Wednesday, 18 August 2021 17:19:51 UTC