W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2021

Re: [webauthn] Managing FIDO keys (#1612)

From: John Bradley <ve7jtb@ve7jtb.com>
Date: Sun, 16 May 2021 16:54:00 -0400
Message-ID: <CAANoGhKBjOQyaWzHhCNH-oK1rE1PMK6366+CrNPkA8WLUxCFVA@mail.gmail.com>
To: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Cc: W3C Web Authn WG <public-webauthn@w3.org>
Microsoft has not yet publicly released the Fido credential management
API.  So there is no way to delete individual credentials on the platform
authenticator.

I think there is a way to reset all of the credential but I don't think
that is obvious.

I regularly remind MS that this is an issue, so they are well aware of it.





On Sun, May 16, 2021, 4:45 PM Emil Lundberg via GitHub <sysbot+gh@w3.org>
wrote:

> There is a cross-platform protocol for this standardized by FIDO, but it's
> not exposed through WebAuthn to the RP due to the privacy concerns
> mentioned above. But recent versions of Chrome do already ship a credential
> management GUI (I believe Windows does too, but I don't have a machine on
> hand to check) in the browser settings: chrome://settings/securityKeys . At
> least Chrome 89 has a "sign-in data" section there which allows you to
> manage resident credentials. Though I will concede that it's a bit buried
> and not easily discoverable unless you already know to look for it.
>
> --
> GitHub Notification of comment by emlun
> Please view or discuss this issue at
> https://github.com/w3c/webauthn/issues/1612#issuecomment-841874957 using
> your GitHub account
>
>
> --
> Sent via github-notify-ml as configured in
> https://github.com/w3c/github-notify-ml-config
>
>
Received on Sunday, 16 May 2021 20:54:02 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC