- From: Nuno Sung via GitHub <sysbot+gh@w3.org>
- Date: Thu, 19 May 2022 04:02:13 +0000
- To: public-webauthn@w3.org
> IMO we shouldn't include random extensions like this to the standard. Currently between the 5 models of test authenticator I have from various vendors, no webauthn extension is supported by them. Just update the relative information for the point that the extension `hmac-secret` in CTAP2 is the one of [MUST to implement features as Microsoft-compatible security key](https://docs.microsoft.com/nb-NO/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key). So most authenticators from below vendors should already support it. https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless#fido2-security-key-providers Besides, this optional feature is also marked as mandatory feature for fido2.1 security key, https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#mandatory-features -- GitHub Notification of comment by nuno0529 Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1732#issuecomment-1131176561 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 19 May 2022 04:02:15 UTC