- From: Ackermann Yuriy <ackermann.yuriy@gmail.com>
- Date: Tue, 9 Sep 2025 13:46:58 +1200
- To: Sage Pointer via GitHub <noreply@w3.org>
- Cc: public-webauthn@w3.org
Received on Tuesday, 9 September 2025 01:47:14 UTC
Standard is -7(ES256), and -257(RS256) Yuriy Ackermann AI, Product, Passkey, FIDO, Identity, Standards github: @yackermann <https://github.com/yackermann> medium: @yackermann <https://medium.com/@yackermann> On Sat, 6 Sep 2025 at 4:02 PM, Sage Pointer via GitHub <noreply@w3.org> wrote: > > What's surprising is that there are some Windows 11 installations, even > when up to date, that still only allow creating passkeys with RS256. Is > there any reasonable explanation for this? > > I quick tested on Virtualbox, and to me this happened when TPM was off. > Without TPM, Windows 11 failed to use ES256 (but attempted to do so, if > algo list contained ES256 before RS256 it requested the PIN twice). This > can be figured out by AAGUID which is 6028B017-B1D4-4C02-B4B3-AFCDAFC96BB2 > for Windows Hello software implementation and > 08987058-CADC-4B81-B6E1-30DE50DCBE96 for the TPM-backed one. > > -- > GitHub Notification of comment by SagePtr > Please view or discuss this issue at > https://github.com/w3c/webauthn/issues/1757#issuecomment-3260409133 using > your GitHub account > > > -- > Sent via github-notify-ml as configured in > https://github.com/w3c/github-notify-ml-config > >
Received on Tuesday, 9 September 2025 01:47:14 UTC