W3C home > Mailing lists > Public > public-webauthn@w3.org > August 2022

Re: [webauthn] Credential Creation Options are inconsistent to Request (#1716)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Mon, 15 Aug 2022 07:15:35 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1214695136-1660547734-sysbot+gh@w3.org>
> > It's incredibly frustrating that with Chrome, a user can enroll an Android phone, but cannot use it to verify without "cable" in the list of transports, whose presence causes Safari to crash.
> > We absolutely need the ability to restrict registration the same way we restrict verification. At least until all the browsers comply with whatever standards are agreed upon.
> It might be just a stop-gap but given that transports are optional elements of the allowCredentials list, couldn't you just filter that out client-side before calling `navgiator.credentials.get` when you detect you are running on Safari?

The issue is registration, not authentication in this case. 

GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1716#issuecomment-1214695136 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 15 August 2022 07:15:37 UTC

This archive was generated by hypermail 2.4.0 : Monday, 15 August 2022 07:15:38 UTC