- From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
- Date: Tue, 26 Apr 2022 01:49:30 +0000
- To: public-webauthn@w3.org
The platforms might decide whether the new device is capable of restoring the backup credential? Is there any policy for this? RP might want to enforce 2FA (with UV) and so it requires UV for the registration/authentication. If the generated credential is BE (backup eligible) and then restored from the new device, then still we can make sure that the credential is protected by UV? Or, is it possible that the credential is restored but the UP is only supported on the new device? -- GitHub Notification of comment by Kieun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1695#issuecomment-1109213002 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 26 April 2022 01:49:31 UTC