W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2021

Re: [webauthn] Support for authenticators providing two keys (#1546)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Fri, 15 Jan 2021 00:29:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-760563981-1610670567-sysbot+gh@w3.org>
So many things come to mind with a pattern like this, such as:

- Would the user be aware they are registering two keypairs - and would they be so informed in the user agent UI?
- Would this extension also apply to an assertion ceremony such that keypair replacement / rollover is possible, e.g. including to a newer algorithm? If so, would auto-revocation of the old key be part of the semantics that an RP should implement?

I realise early days, but a suggestion for this kind of extension has boundless possibilities.

GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1546#issuecomment-760563981 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 15 January 2021 00:29:30 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:38:40 UTC