Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688)

Shane and I have been talking with Max H in the consumer deployment working group. 

I think he is looking for a simple way for RP to disable passkey without having to completely change all their existing webAuthn logic.   That is I think partially where this request is coming from.

I suspect that @timcappalli is correct and any RP not wanting to accept passkey replication is going to have to do the work to redesign their backend to support that.

Keeping the default hardware-bound keys and making the RP do something to accept passkeys received a negative response at the plenary.

I understand that the desire is for the default to be what platforms consider to be the larger use case.  

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-1000496951 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 23 December 2021 19:51:03 UTC