Re: [webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688)

I think it depends on whether or not there is a need for something new in the spec to satisfy your use case requirements. I'm not sure there is, but if you can explain the scenario you're trying to achieve and what you're currently seeing that is different from that ... well that might help.

Take for example the current developer-tech-preview Apple Passkey implementation. If I initiate a `navigator.credentials.get` operation (without an allowCredentials list), and already have a passkey registered, Safari will automatically default to using the passkey. Similarly with Chrome, if I have a discoverable platform credential created (at least on my Mac), and initiate a `navigator.credentials.get` operation, that is automatically preferred. Note that these are browser implementation decisions, not something controlled by options supplied by the RP, but I think that's behaving the way you want? 



-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1688#issuecomment-1147710273 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 6 June 2022 17:40:52 UTC