Re: [webauthn] Discussing mechanisms for enterprise RP's to enforce bound properties of credentials (#1739) from Arian van Putten via GitHub on 2024-03-21 (public-webauthn@w3.org from March 2024)

From: Arian van Putten via GitHub <sysbot+gh@w3.org>
Date: Thu, 21 Mar 2024 11:40:34 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2012043616-1711021233-sysbot+gh@w3.org>

FWIW Apple has made some improvements in this field:

Passkeys are now available for Managed Apple IDs https://developer.apple.com/videos/play/wwdc2023/10263/

* They can not be shared between users
* There is an attestation statement that proves the Passkey is stored in an iCloud Keychain of the managed Apple ID 
* There is an optional attestation statement that the Passkey is only accessible on managed devices

-- 
GitHub Notification of comment by arianvp
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1739#issuecomment-2012043616 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 21 March 2024 11:40:35 UTC