W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2021

[webauthn] Managing FIDO keys (#1612)

From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
Date: Fri, 14 May 2021 02:10:30 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-891534166-1620958228-sysbot+gh@w3.org>
cyberphone has just created a new issue for https://github.com/w3c/webauthn:

== Managing FIDO keys ==
Pardon a question/comment from a person who has just started to work with FIDO/WebAuthn...

I have tested several WebAuthn demos (Duo Security, Yubico, StrongKey) and they all seem to pass on deletion of keys which leaves you with lots of "zombie" keys which then makes the selection process unmanageable.  The tests were mainly performed on W10 using resident keys (Windows Hello).

How is this supposed to work?  For traditional security tokens (X.509) there always was a built-in manager but not so for FIDO.

Is discovery and deletion supported at the CTAP2 level?



Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1612 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 14 May 2021 02:10:32 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC