[webauthn] Deprecation warning for fido-u2f, apple, and android-safetynet? (#1989) from Roman Bukin via GitHub on 2023-10-15 (public-webauthn@w3.org from October 2023)

From: Roman Bukin via GitHub <sysbot+gh@w3.org>
Date: Sun, 15 Oct 2023 21:57:40 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-1944072653-1697407057-sysbot+gh@w3.org>

vanbukin has just created a new issue for https://github.com/w3c/webauthn:

== Deprecation warning for fido-u2f, apple, and android-safetynet? ==
`fido-u2f`: [Google Chrome, Edge, Firefox no longer supports U2F](https://developer.chrome.com/blog/deps-rems-95/#deprecate-u2f-api-cryptotoken)

`apple`: [Apple has moved to Passkeys starting from iOS 16 and no longer provides an Attestation Statement (to be precise - returns 'none')](https://developer.apple.com/videos/play/wwdc2022/10092/?time=1211)

`android-safetynet`: [Google has announced the deprecation of SafetyNet Attestation.](https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline)

----
Perhaps it would be worthwhile to add notes to the specification about certain Attestation Statement Formats either not being supported from specific browser versions, or discontinuing support in the future (as is the case with SafetyNet).

This would be a good support when implementing libraries for WebAuthn. So that those who develop them would not spend effort supporting something that is either used by a very small percentage of the audience, or not used at all.


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1989 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Sunday, 15 October 2023 21:57:42 UTC