Re: [webauthn] WebAuthn available to Workers? aka "silent authentication" (#199) from John Bradley via GitHub on 2022-12-07 (public-webauthn@w3.org from December 2022)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Wed, 07 Dec 2022 00:12:22 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1340186464-1670371941-sysbot+gh@w3.org>

Ssh can do silent authentication now as it is supported at the CTAP2 level.   

ssh has the option to create credentials at credprotect level 3 to prevent them from being used without UV. 

I and I expect others would be against exposing that at the WebAuthn level.  

Nothing stops someone from modifying openSSH to allow unattended ssh with credentials from a security key.  

OpenSSH supports the windows platform authenticator but I don't believe that authenticator exposes silent authentication in the WebAuthn.dll API. 

Platform authenticators don't directly support CTAP so not all features are supported.  

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/199#issuecomment-1340186464 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 7 December 2022 00:12:24 UTC