Re: [webauthn] Support for authenticators providing two keys (#1546)

So many things come to mind with a pattern like this, such as:

- Would the user be aware they are registering two keypairs - and would they be so informed in the user agent UI?
- Would this extension also apply to an assertion ceremony such that keypair replacement / rollover is possible, e.g. including to a newer algorithm? If so, would auto-revocation of the old key be part of the semantics that an RP should implement?

I realise early days, but a suggestion for this kind of extension has boundless possibilities.

GitHub Notification of comment by sbweeden
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Friday, 15 January 2021 00:29:30 UTC