[webauthn] Managing FIDO keys (#1612)

cyberphone has just created a new issue for https://github.com/w3c/webauthn:

== Managing FIDO keys ==
Pardon a question/comment from a person who has just started to work with FIDO/WebAuthn...

I have tested several WebAuthn demos (Duo Security, Yubico, StrongKey) and they all seem to pass on deletion of keys which leaves you with lots of "zombie" keys which then makes the selection process unmanageable.  The tests were mainly performed on W10 using resident keys (Windows Hello).

How is this supposed to work?  For traditional security tokens (X.509) there always was a built-in manager but not so for FIDO.

Is discovery and deletion supported at the CTAP2 level?

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1612 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 14 May 2021 02:10:32 UTC