Re: [webauthn] Managing FIDO keys (#1612)

From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
Date: Fri, 14 May 2021 04:30:40 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-840998842-1620966639-sysbot+gh@w3.org>

Thanx @Kieun !
This though makes testing and development considerably more challenging.

In my own application, I would like to clear any possible earlier key (for the domain of course) for each enrollment as the key may have been deleted at the RP.  This seems like a possible real-world scenario as well.  In an enroll-disenroll-enroll scenario you don't want to confuse the user and you also want to get a freshly attested key.  Keeping a registry of disenrolled keys is usually not an option.  Requiring users to go to platform-specific "settings" does (IMO) only work for experts which defeats the purpose of FIDO.

Maybe I'm just missing something?  Reading the WebAuthn specs is not for everybody...

-- 
GitHub Notification of comment by cyberphone
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1612#issuecomment-840998842 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 14 May 2021 04:30:43 UTC