- From: Ackermann Yuriy <ackermann.yuriy@gmail.com>
- Date: Tue, 14 Oct 2025 13:12:38 -0700
- To: My1 via GitHub <noreply@w3.org>
- Cc: public-webauthn@w3.org
Received on Tuesday, 14 October 2025 20:12:53 UTC
There is a value for prf without UV. Just like hmacsecret PRF should return different value for uv and non-uv Yuriy Ackermann AI, Product, Passkey, FIDO, Identity, Standards github: @yackermann <https://github.com/yackermann> medium: @yackermann <https://medium.com/@yackermann> On Tue, 14 Oct 2025 at 11:09 AM, My1 via GitHub <noreply@w3.org> wrote: > okay? at least when using Google FIDO with my phone it always asked for > UV. and win hello also always did it so I was not exactly aware of that > specific circumstance. > > also did I miss something in the webauthn spec of is preferred not > supposed to ask for UV if available? I understand discouraged but preferred > seems a bit weird. > > > why shouldnt the spec just be made to say if PRF is used, to force UV? > > -- > GitHub Notification of comment by My1 > Please view or discuss this issue at > https://github.com/w3c/webauthn/issues/2337#issuecomment-3403046276 using > your GitHub account > > > -- > Sent via github-notify-ml as configured in > https://github.com/w3c/github-notify-ml-config > >
Received on Tuesday, 14 October 2025 20:12:53 UTC