Re: [webauthn] Discussing mechanisms for enterprise RP's to enforce bound properties of credentials (#1739) from Shane Weeden via GitHub on 2022-06-14 (public-webauthn@w3.org from June 2022)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Tue, 14 Jun 2022 18:24:29 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1155554896-1655231067-sysbot+gh@w3.org>

> Wouldn't DPK support (PR#1663) be sufficient?  Essentially not preventing the multi-device key, but ensuring an additional single-device key being established *per device*.

I think so however it would have to include DPK attestation. 

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1739#issuecomment-1155554896 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 14 June 2022 18:24:30 UTC