- From: Matthew Miller via GitHub <sysbot+gh@w3.org>
- Date: Wed, 03 May 2023 14:37:02 +0000
- To: public-webauthn@w3.org
> We are makers of such a back-end system for banks, considering adding WebAuthn support and seeing close to zero benefits in implementing RS256 and Ed25519 because these will be rarely used. Plus, we have an idea on how to build WebAuthn back-end in a more creative way to simplify enrollment to service providers, and we are reluctant to support RS256 there because of the "old Windows problem." This is starting to get into "product requirement" territory. If you decide you don't want to support RS256 or Ed25519 then that's your decision as the product owner. Your customers will ultimately decide whether that's viable long-term. However "supporting as many versions of Windows as possible" is likely to be a requirement for the majority of other projects. Therefore I'd suggest we keep the current guidance as-is because the spec should aim for maximum support of the API. -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1757#issuecomment-1533141299 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 3 May 2023 14:37:04 UTC