
[webauthn] Add ability to query for feasibility of registering a credential that is backup eligible (#1788)

From: Matthew Miller via GitHub <sysbot+gh@w3.org>
Date: Tue, 09 Aug 2022 19:45:25 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-1333710064-1660074323-sysbot+gh@w3.org>
MasterKale has just created a new issue for https://github.com/w3c/webauthn:

== Add ability to query for feasibility of registering a credential that is backup eligible ==
## Proposed Change

I propose adding a new API to `PublicKeyCredential` that would allow RPs to determine the feasibility of generating a backup-eligible platform authenticator credential. The majority of our existing platform authenticator credentials are backup-**ineligible**. It would be desirable for us at Cisco to be able to know ahead of time if we could "upgrade" a user's existing platform credential after a successful auth, without going through an entire registration flow and then rejecting it afterwards because we analyze the flags and see that the new credential is not eligible for backup.

In the spirit of existing methods, I'm thinking of something like `PublicKeyCredential.canCreateBackupEligibleCredential()` that eventually returns a simple `true`/`false`. Perhaps it accepts a single `authenticatorAttachment` parameter to help future-proof the method for a potential future state where cross-platform authenticators are capable of backing up credentials too.

Alternatively, in the spirit of [feedback that @sbweeden has left in a somewhat related issue](https://github.com/w3c/webauthn/issues/1739#issuecomment-1151670633), this could be addressed by user agent behavior that fails a call to `navigator.credentials.create()` if some new parameter "`backupEligible: true`" was passed into the options and it is determined that the platform authenticator could not respect that option (because the backup mechanism is disabled, etc.).

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1788 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 9 August 2022 19:45:27 UTC
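
The post-registration check the message above describes (reading the flags and rejecting a credential that is not backup eligible), as an added example that is not part of the original issue or of the WebAuthn project's code. The function names, the rejection policy and the sample bytes are assumptions made for illustration; the BE and BS bit positions are those of the authenticator data flags byte.

```javascript
// Added example. Authenticator data layout:
// rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes) | ...
const FLAG = { UP: 0x01, UV: 0x04, BE: 0x08, BS: 0x10 };

// Read the backup-related flags from raw authenticator data bytes.
function parseBackupFlags(authData) {
  const bytes = authData instanceof Uint8Array ? authData : new Uint8Array(authData);
  if (bytes.length < 37) {
    throw new RangeError("authenticator data must be at least 37 bytes");
  }
  const flags = bytes[32];
  const backupEligible = (flags & FLAG.BE) !== 0;
  const backedUp = (flags & FLAG.BS) !== 0;
  // A credential cannot be backed up unless it is backup eligible.
  if (backedUp && !backupEligible) {
    throw new Error("invalid flags: BS is set while BE is clear");
  }
  return {
    userPresent: (flags & FLAG.UP) !== 0,
    userVerified: (flags & FLAG.UV) !== 0,
    backupEligible,
    backedUp,
  };
}

// Hypothetical RP policy for the "upgrade" flow: keep the new credential only
// if it is backup eligible, otherwise reject it after the ceremony.
function evaluateUpgrade(authData) {
  const f = parseBackupFlags(authData);
  if (!f.userVerified) return { accept: false, reason: "user not verified" };
  if (!f.backupEligible) return { accept: false, reason: "credential is not backup eligible" };
  return { accept: true, reason: f.backedUp ? "eligible and backed up" : "eligible, not yet backed up" };
}

// Constructed sample input: zeroed rpIdHash, the given flags byte, signCount 0.
function sampleAuthData(flagsByte) {
  const bytes = new Uint8Array(37);
  bytes[32] = flagsByte;
  return bytes;
}

console.log(evaluateUpgrade(sampleAuthData(0x45))); // UP|UV|AT, not backup eligible
console.log(evaluateUpgrade(sampleAuthData(0x5d))); // UP|UV|BE|BS|AT, backed up
```

The rejection in the first case happens only after the user has completed the whole registration ceremony, which is the cost the proposed query is meant to avoid.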