[webauthn] Credential Creation Options are inconsistent to Request (#1716) from Firstyear via GitHub on 2022-04-04 (public-webauthn@w3.org from April 2022)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Mon, 04 Apr 2022 23:04:39 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-1192405142-1649113477-sysbot+gh@w3.org>

Firstyear has just created a new issue for https://github.com/w3c/webauthn:

== Credential Creation Options are inconsistent to Request ==
In creation there is no way to specify to the user agent which transports we allow, since we only have:

https://www.w3.org/TR/webauthn-3/#dictdef-authenticatorselectioncriteria
https://www.w3.org/TR/webauthn-3/#enum-attachment

Which is limited to platform and cross-platform. This causes the situation to be confusing now with caBLE, where we may or may not want to allow this. 

During assertion however, we can select this with:

https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialdescriptor
https://www.w3.org/TR/webauthn-3/#enum-transport

We should be able to specify allowed transports in registration, the same way we specify them in assertion. 

I propose that we extend https://www.w3.org/TR/webauthn-3/#dictionary-authenticatorSelection with transports and we deprecate the use of authenticatorAttachment since transports is more expressive, and can express the full state and set of attachment modalities.  

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1716 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 4 April 2022 23:04:40 UTC