W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2021

[webauthn] Is there a way to store metadata in the authenticator with/without an extension? (#1613)

From: certainlyNotHeisenberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 20 May 2021 20:33:42 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-897419308-1621542820-sysbot+gh@w3.org>
certainlyNotHeisenberg has just created a new issue for https://github.com/w3c/webauthn:

== Is there a way to store metadata in the authenticator with/without an extension? ==
(I have in mind just a small amount of data, nothing very large.) This really amounts to three very similar questions:

1. Is there a way to do this _without_ an extension (so that it's supported by all WebAuthn implementations)?
2. Is there a way to do this with an extension currently implemented in most browsers?
3. Is there a way to do this with an extension on the road to wide implementation?

On (1), my hope was that perhaps [`attestedCredentialData`](https://w3c.github.io/webauthn/#attested-credential-data) would work, but my sense is this doesn't supported RP defined metadata, even of small size. Am I correct in saying this? Is there another option that isn't an extension?

On (2) and (3), my best guess is that only suitable extension is `largeBlob`, which I believe hasn't been implemented by all the major browsers and platform authenticators. (What I'm looking for is in some sense "`smallBlob`", if only that existed!) Is there any extension that would work? Does anyone know if for example Safari has any plans to implement support for `largeBlob` for iOS authenticators?

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1613 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 20 May 2021 20:33:45 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC