The point of this extension is not to signal that a credential is multi-device, it's to "extend" a multi-device credential with one or more hardware-bound keys that don't migrate to other devices along with the multi-device key. So when the RP sees one of those hardware-bound keys for the second and subsequent time, that's a stronger assurance of authenticity than just the multi-device key. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1658#issuecomment-1020868076 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Tuesday, 25 January 2022 06:58:39 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC