- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 02 Aug 2022 14:29:53 +0000
- To: public-webauthn@w3.org
> user presence and interaction is a really core part of how these devices work Yes and no. At least CTAP2 actually can perform `getAssertion` without user presence (also called "silent authentication"), it's just that WebAuthn requires that browsers always set the "require UP" option. So we certainly _could_ devise a WebAuthn operation that, for example, an RP could call once a minute or so to get a silent assertion (but probably only after one with user presence). But the use cases and specifics are quite muddy beyond that. The kind of integration with HTTP envisioned here seems closely related to ideas discussed in #1255, which so far haven't gained any traction either. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1785#issuecomment-1202697856 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 2 August 2022 14:29:55 UTC