Re: [webauthn] <new proposal> Extending WebAuthn Protocol for Remote Authentication (#1580)

> FYI I know of at least one existing native-mobile-application FIDO2 based solution in this space already.
> 
> https://www.nist.gov/ctl/pscr/authim-0
> 
> I am not sure how WebAuthn would comprise part of a solution though since WebAuthn is a JavaScript API for browsers (the FIDO client) which do not typically directly control device cameras.

In order to solve this problem, it is necessary to define different levels of security. 
At the browser level, we can only assume that the browser is secure, so this solution can be implemented by simply combining webrtc and webauthn. Using Webrtc API to get the media and secure it with webauthn's key capabilities.
At the operating system level, key management can be linked to the camera data. Keys are usually located in secure storage devices, such usually protected by TEE or SE.

-- 
GitHub Notification of comment by thedreamwork
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1580#issuecomment-792639048 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 8 March 2021 10:03:21 UTC