- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 02 Apr 2025 19:34:37 +0000
- To: public-webauthn@w3.org
emlun has just closed emlun's pull request 1425 for https://github.com/w3c/webauthn:
== Add recovery extension ==
This is an attempt at solving #931 through Yubico's proposed recovery extension, as proposed in https://github.com/Yubico/webauthn-recovery-extension . Formal proofs of the security of the key generation scheme are currently awaiting peer review.
For interoperability between authenticator vendors, this would also need some additions to CTAP. A proposal for that is also included in the link above, but is outside the scope of WebAuthnn.
It might be more suitable to extract the details of the key generation algorithm to an external reference, but I don't currently know where to start in that case. Either way, I think it's useful to get some review from this working group for starters.
<!--
This comment and the below content is programatically generated.
You may add a comma-separated list of anchors you'd like a
direct link to below (e.g. #idl-serializers, #idl-sequence):
Don't remove this comment or modify anything below this line.
If you don't want a preview generated for this pull request,
just replace the whole of this comment's content by "no preview"
and remove what's below.
-->
***
<a href="https://pr-preview.s3.amazonaws.com/w3c/webauthn/pull/1425.html" title="Last updated on Jul 8, 2020, 7:18 PM UTC (de0b916)">Preview</a> | <a href="https://pr-preview.s3.amazonaws.com/w3c/webauthn/1425/f10427d...de0b916.html" title="Last updated on Jul 8, 2020, 7:18 PM UTC (de0b916)">Diff</a>
See https://github.com/w3c/webauthn/pull/1425
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 2 April 2025 19:34:38 UTC