W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2022

Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Mon, 10 Jan 2022 10:41:44 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1008743434-1641811301-sysbot+gh@w3.org>
> [...] Why not allow the RP to suggest in attestation options a richer set of acceptable authenticator properties?
> An extreme here might be an AAGUID allow-list [...]

This is precisely what the [`authnSel` extension](https://www.w3.org/TR/2019/REC-webauthn-1-20190304/#sctn-authenticator-selection-extension) does. It was removed from L2 for lack of client implementations, but it still "exists" in the sense that it's there and "ready to go" if someone were to implement it.

Also it seems like I'm a bit out of the loop, what does "passkey" mean in this context?

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-1008743434 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 10 January 2022 10:41:46 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC