Re: [webauthn] Recovering from Device Loss (#931)


> One strong security aspect of webauthn is the certainity that this private key is a secret tied to the authenticator device and that there is no way to "extract it".

The proposal by @emlun does not violate that principle. There is no need for the authenticators to export or share secrets.

GitHub Notification of comment by Blobonat
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Tuesday, 5 April 2022 09:44:08 UTC