W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2022

Re: [webauthn] devciePubKey extension MUST be supported if passkey is supported (#1691)

From: Max Hata via GitHub <sysbot+gh@w3.org>
Date: Sun, 23 Jan 2022 12:36:17 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1019476409-1642941375-sysbot+gh@w3.org>
Multi-device WebAuthn credentials that are syncable and devicePubKey extension are an inseparable pair, where devicePubKey extension is a fallback.

Multi-device WebAuthn credentials is synced with cloud of a party, e.g., a platform vendor, whose cloud security is not known to RPs. So some RPs cannot accept such cloud synced multi-device WebAuthn credentials, despite the convenience that it offers. For them, devicePubKey is the mechanism not to accept cloud synced multi-device WebAuthn credentials with unknown security unconditionally, but to accept them after their own verification to ensure the security of the RP's accounts.

GitHub Notification of comment by maxhata
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1691#issuecomment-1019476409 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Sunday, 23 January 2022 12:36:18 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC