- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Thu, 05 Oct 2023 00:15:11 +0000
- To: public-webauthn@w3.org
> On the other hand one could argue that this still misses the mark - it's still the client handling the private keys, so they are still not hardware-bound. Perhaps we should instead do this with a new extension that enables actually hardware-bound private keys. Yes, but we don't have a TPM here. I think if someone wants hardware bound keys, they need to use a proper HSM. We aren't false advertising at all about what this will do. Where this is useful is *short lived* keys. Where the key is used and destroyed quickly. For example, a password manager which quickly gets the secret and does the decrypt of the secret and exposes it in memory, then the secret is used and destroyed. Or the ability to sign an email, or something else. I think this still has a use and I think it has a place. It's not missing a mark at all. We are allowing short-lived, derived keys that exist in memory, and there is a "chain" that to hold the key, you *very likely* have the hardware authenticator with you, but it's not a strict promise the key is *bound* to the authenticator. -- GitHub Notification of comment by Firstyear Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1945#issuecomment-1747826308 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 5 October 2023 00:15:13 UTC