Re: [webauthn] Cleanup when creating discoverable credentials with attestations (#1560)

This seems like a fair idea to me. So what would we imagine the API could look like? Here's one attempt:

```
function cleanUpPublicKeyCredentials({
  matching: optional PublicKeyCredentialDescriptor[],
  notMatching: optional PublicKeyCredentialDescriptor[],
}) -> void
```

Where for example:

- `cleanUpPublicKeyCredentials({})` would throw an exception.
- `cleanUpPublicKeyCredentials({ matching: [{ id: "credIdA" }] })` would request to delete the credential with ID `credIdA`, if present on any present authenticator and scoped to the calling RP.
- `cleanUpPublicKeyCredentials({ notMatching: [{ id: "credIdA" }] })` would request to delete all credentials _except_ `credIdA` present on any present authenticator and scoped to the calling RP.
- `cleanUpPublicKeyCredentials({ matching: [{ id: "credIdA" }], notMatching: [{ id: "credIdA" }] })` would effectively resolve to a no-op, but could also be an error.

In all cases, the call would return immediately so as not to reveal whether any of the listed credentials are present. No success or failure result is communicated back to the RP.

The client would check which available authenticators, if any, support credential management and compile a list of to-be-deleted credentials found. If that list turns out non-empty, the client would prompt the user for confirmation before applying the change.

If any authenticator requires UV to query credential management state, I guess the client would first of all prompt the user like "this website wants to do credential management" and ask for PINs or whatever if the user agrees. Though I guess that's likely to lead to a very messy user experience. But yeah, identifying issues like that is the primary purpose of the exercise. :slightly_smiling_face:

GitHub Notification of comment by emlun

Received on Monday, 15 March 2021 21:11:57 UTC
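
The selection and confirmation flow proposed in the comment above, modelled as an added example that is not part of the original message or of any WebAuthn API. The authenticator objects, `selectForDeletion`, `applyCleanup` and the extra parameters are hypothetical, the sample credentials are constructed, and the overlapping `matching`/`notMatching` case is treated as a no-op (one of the two outcomes the comment allows).

```javascript
// Hypothetical client-side model of the proposal; not a real WebAuthn API.
// Constructed sample state: credentials on the authenticators currently present.
const sampleAuthenticators = [
  { name: "keyA", supportsCredentialManagement: true, credentials: [
    { id: "credIdA", rpId: "example.com" },
    { id: "credIdB", rpId: "example.com" },
    { id: "credIdC", rpId: "other.example" } ] },
  { name: "keyB", supportsCredentialManagement: false, credentials: [
    { id: "credIdD", rpId: "example.com" } ] },
];

// Compile the to-be-deleted list, restricted to the calling RP.
function selectForDeletion(rpId, { matching, notMatching }, authenticators) {
  const wanted = matching && new Set(matching.map((d) => d.id));
  const kept = new Set((notMatching || []).map((d) => d.id));
  const found = [];
  for (const auth of authenticators) {
    if (!auth.supportsCredentialManagement) continue;
    for (const cred of auth.credentials) {
      if (cred.rpId !== rpId) continue;             // never another RP's credential
      if (wanted && !wanted.has(cred.id)) continue; // "matching" narrows the set
      if (kept.has(cred.id)) continue;              // overlap resolves to a no-op
      found.push({ auth, cred });
    }
  }
  return found;
}

// Prompt only when the list is non-empty; returns how many were removed.
function applyCleanup(found, userConfirms) {
  if (found.length === 0 || !userConfirms(found)) return 0;
  for (const { auth, cred } of found) {
    auth.credentials = auth.credentials.filter((c) => c !== cred);
  }
  return found.length;
}

// RP-facing call: validates, defers all credential work, reports nothing back.
function cleanUpPublicKeyCredentials(rpId, options, authenticators, userConfirms) {
  if (options.matching === undefined && options.notMatching === undefined) {
    throw new TypeError("matching or notMatching is required");
  }
  setTimeout(() => {
    applyCleanup(selectForDeletion(rpId, options, authenticators), userConfirms);
  }, 0);
  return undefined; // identical whether or not any listed credential exists
}
```

The RP sees the same `undefined` return for a present and an absent credential ID; only the user-facing prompt depends on what was found.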