Re: [webauthn] devicePubKey extension MUST be supported if passkey is supported (#1691) from Tim Cappalli via GitHub on 2022-01-24 (public-webauthn@w3.org from January 2022)

From: Tim Cappalli via GitHub <sysbot+gh@w3.org>
Date: Mon, 24 Jan 2022 17:42:33 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1020368114-1643046151-sysbot+gh@w3.org>

> RPs need to enable the flow that is shown in the following URL **for all platform authenticators**.
> 
> https://docs.google.com/presentation/d/14WXRLDcOOf-3cdnAEBXh2Z_bA8LtLb7FbZE4vNmuPnM/edit?usp=sharing
> 
> **It is to ensure backward compatibility.** How can WebAuthn spec help?

@maxhata from a spec perspective, usage of the device public key extension cannot be enforced, in the same way that attestation is not required today. This is something that should be discussed in FIDO Alliance at the SPWG.

-- 
GitHub Notification of comment by timcappalli
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1691#issuecomment-1020368114 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 24 January 2022 17:42:34 UTC