Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688) from Emil Lundberg via GitHub on 2022-01-10 (public-webauthn@w3.org from January 2022)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Mon, 10 Jan 2022 10:41:44 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1008743434-1641811301-sysbot+gh@w3.org>

> [...] Why not allow the RP to suggest in attestation options a richer set of acceptable authenticator properties?
> 
> An extreme here might be an AAGUID allow-list [...]

This is precisely what the [`authnSel` extension](https://www.w3.org/TR/2019/REC-webauthn-1-20190304/#sctn-authenticator-selection-extension) does. It was removed from L2 for lack of client implementations, but it still "exists" in the sense that it's there and "ready to go" if someone were to implement it.

Also it seems like I'm a bit out of the loop, what does "passkey" mean in this context?

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-1008743434 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 10 January 2022 10:41:46 UTC