- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Mon, 24 Jul 2023 09:11:45 +0000
- To: public-webauthn@w3.org
Not quite duplicate, but significant overlap with: #1255 Indeed, many WebAuthn authenticators (FIDO CTAP2 ones in particular) can also be used outside of WebAuthn for server-to-server authentication and more. Unlike WebAuthn, CTAP2 allows for skipping the user presence test during authentication, so CTAP2 authenticators can be used for unattended authentication outside of a web browser. For example, I use a couple of YubiKeys to authenticate some automated backup transfers via OpenSSH between my machines. The "scripting" use case is vague, but perhaps some of it (testing in particular) is already addressed by the [user agent automation](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/#sctn-automation) features? Beyond that I agree this is out of scope for WebAuthn itself, which is specifically a web API. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1924#issuecomment-1647522111 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 24 July 2023 09:11:47 UTC