W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2022

Re: [webauthn] devicePubKey extension MUST be supported if passkey is supported (#1691)

From: Tim Cappalli via GitHub <sysbot+gh@w3.org>
Date: Mon, 24 Jan 2022 17:42:33 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1020368114-1643046151-sysbot+gh@w3.org>
> RPs need to enable the flow that is shown in the following URL **for all platform authenticators**.
> 
> https://docs.google.com/presentation/d/14WXRLDcOOf-3cdnAEBXh2Z_bA8LtLb7FbZE4vNmuPnM/edit?usp=sharing
> 
> **It is to ensure backward compatibility.** How can WebAuthn spec help?

@maxhata from a spec perspective, usage of the device public key extension cannot be enforced, in the same way that attestation is not required today. This is something that should be discussed in FIDO Alliance at the SPWG.

-- 
GitHub Notification of comment by timcappalli
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1691#issuecomment-1020368114 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 24 January 2022 17:42:34 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC