Re: [webauthn] Indicate that the credential could be backed up and restored, but not synchronized (#1933) from Emil Lundberg via GitHub on 2023-07-27 (public-webauthn@w3.org from July 2023)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 27 Jul 2023 12:12:17 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1653492965-1690459935-sysbot+gh@w3.org>

> passkey providers might have some logics to enforce the credential cannot be activated in the multiple devices at the same time

How would this be done, securely? How can that enforcement logic be guaranteed that a currently active device honestly obeys the command to delete a private key?

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1933#issuecomment-1653492965 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 27 July 2023 12:12:19 UTC