> 1. want to be able to remove all passwords multi-device in some synced state is required, may reject single device credentials <snip> > 1 Single Device 0 / multi-device capable 1 > 2 Not backed up 0 / backed up 1 The use case of a less-sophisticated RP requesting authenticators which are backed up due them lacking sophisticated/cost-effective account recovery flows is interesting, as that is one where attestations and extensions adding more sophistication really wouldn't help. I don't know if this would be more of a client request (which could be accomplished via authenticator metadata) or something where there's value in having the authenticator self-attest the current backup state of a credential. -- GitHub Notification of comment by dwaite Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1691#issuecomment-1018949621 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Friday, 21 January 2022 23:31:02 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC