
Re: [webauthn] <new proposal> Extending WebAuthn Protocol for Remote Authentication (#1580)

From: The via GitHub <sysbot+gh@w3.org>
Date: Mon, 08 Mar 2021 10:03:19 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-792639048-1615197798-sysbot+gh@w3.org>

> FYI I know of at least one existing native-mobile-application FIDO2 based solution in this space already.
> 
> https://www.nist.gov/ctl/pscr/authim-0
> 
> I am not sure how WebAuthn would comprise part of a solution though since WebAuthn is a JavaScript API for browsers (the FIDO client) which do not typically directly control device cameras.

In order to solve this problem, it is necessary to define different levels of security.
At the browser level, we can only assume that the browser is secure, so this solution can be implemented by simply combining WebRTC and WebAuthn, using the WebRTC API to get the media and securing it with WebAuthn's key capabilities.
At the operating system level, key management can be linked to the camera data. Keys are usually located in secure storage devices, usually protected by a TEE or SE.

-- 
GitHub Notification of comment by thedreamwork
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1580#issuecomment-792639048 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 8 March 2021 10:03:21 UTC
