Re: [webauthn] Individual Certificate Authority for credential management and recovery (#1844)

> signing material is generated on a per-browser, per-origin basis

A passkey / WebAuthn credential is unique per origin and authenticator (some authenticators may be virtual and span multiple devices).

> they could generate a new keypair that has a signature chained to their personal certificate authority.

How would an average end user manage a "personal certificate authority"? Most users don't even use a password manager.

-- 
GitHub Notification of comment by timcappalli
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1844#issuecomment-1405699091 using your GitHub account


Received on Thursday, 26 January 2023 21:43:32 UTC