W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2022

Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688)

From: Chad Killingsworth via GitHub <sysbot+gh@w3.org>
Date: Mon, 06 Jun 2022 16:46:58 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1147658711-1654534016-sysbot+gh@w3.org>
These are a confusing set of topics that's for sure. What I want is something like:

  publicKey: {
    challenge: new Uint8Array([/* bytes sent from the server */]),
    userVerification: true,
    authenticatorSelection: {
      attachment: "platform" // this is the missing piece

There's been some discussion of doing this via extensions, but also an acknowledgement that no user agent currently recognizes the extensions. Or did I miss a capability that already is in the spec? This could be accomplished with transport filtering as well, but I'm personally more interested in attachment.

GitHub Notification of comment by ChadKillingsworth
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-1147658711 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 6 June 2022 16:46:59 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:46 UTC