Re: [webauthn] Managing FIDO keys (#1612)

Thanx @Kieun !
This though makes testing and development considerably more challenging.

In my own application, I would like to clear any possible earlier key (for the domain of course) for each enrollment as the key may have been deleted at the RP.  This seems like a possible real-world scenario as well.  In an enroll-disenroll-enroll scenario you don't want the confuse the user and you also want to get a freshly attested key.  Keeping a registry of disenrolled keys is usually not an option.  Requiring users to go to platform specific "settings" does (IMO) only work for experts which defeats the purpose of FIDO.

Maybe I'm just missing something?  Reading the WebAuthn specs is not for everybody...

GitHub Notification of comment by cyberphone
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Friday, 14 May 2021 04:30:43 UTC