Re: [webauthn] devciePubKey extension MUST be supported if passkey is supported (#1691) from Shane Weeden via GitHub on 2022-01-20 (public-webauthn@w3.org from January 2022)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Thu, 20 Jan 2022 11:14:08 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1017392108-1642677247-sysbot+gh@w3.org>

Should it also be the case that attestation AAGUID for passkeys be unique and distinct from a device bound credential created on the same platform authenticator? Said another way, the RP, when using attestation, should be able to determine if the credential created by a platform authenticator is a passkey even if the extension is not requested or otherwise absent. 

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1691#issuecomment-1017392108 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 20 January 2022 11:14:10 UTC