Re: [webauthn] Authenticator flag to indicate internal knowledge of rk (discoverable credential creation). (#1761) from David Waite via GitHub on 2022-07-18 (public-webauthn@w3.org from July 2022)

From: David Waite via GitHub <sysbot+gh@w3.org>
Date: Mon, 18 Jul 2022 03:51:41 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1186734560-1658116300-sysbot+gh@w3.org>

> But today an authenticator does use the same aaguid for an attested credential regardless of it's rk state or not. So you can't really use attestation for this purpose. That's why I suggested this signed boolean flag.

Are you talking about (the now misnamed) resident key as a state used to convey a desire for discoverable credential behavior? 

Or are you talking about a security property to know that a private key is held by a Secure Enclave and is not exportable?

-- 
GitHub Notification of comment by dwaite
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1761#issuecomment-1186734560 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 18 July 2022 03:51:43 UTC