Re: [webauthn] Give each authenticator a GUID and add an option to CredentialsContainer: create method to return this GUID if user permits (#2263) from Firstyear via GitHub on 2025-02-21 (public-webauthn@w3.org from February 2025)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Fri, 21 Feb 2025 04:54:10 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2673443579-1740113648-sysbot+gh@w3.org>

I am extremely aware of these concepts and how the work.

The AAGUID is a *device model* identifier. If I have two yubikeys, they have the same AAGUID because they are the same model of device.

You can not fingerprint unique webauthn authenticators. 

-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2263#issuecomment-2673443579 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 21 February 2025 04:54:11 UTC