Re: [webauthn] Syncing Platform Keys, Recoverability and Security levels (#1640) from Emil Lundberg via GitHub on 2021-07-19 (public-webauthn@w3.org from July 2021)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Mon, 19 Jul 2021 10:14:20 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-882426848-1626689658-sysbot+gh@w3.org>

A WebAuthn parameter for RPs to signal whether syncing keys is permissible was previously discussed in #969. That was closed with the note:

>we believe this has been superseded by issues such as #1546

Also noted there is that if syncing keys is not acceptable to an RP, then that RP must by necessity enforce attestation by allow-list anyway. So a parameter could at most optimize the user experience, but doesn't really introduce any new capability.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1640#issuecomment-882426848 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 19 July 2021 10:14:22 UTC