webauthn-framework icon indicating copy to clipboard operation
webauthn-framework copied to clipboard

Published 20 hours ago verified publisher icon web-auth

Add status revoked to isCompromised

Open marcriemer opened this issue 1 year ago • 0 comments

Target branch: 4.9.x

  • [X] It is a Bug fix
  • [ ] It is a New feature
  • [ ] Breaks BC
  • [ ] Includes Deprecations

According to the FIDO specifications, any authenticator marked as "removed" should not be utilized. If an authenticator is flagged as a "fraudulent product," it should be considered compromised, thus rendering it untrustworthy. Consequently, the server should reject any interactions involving such an authenticator to maintain a secure environment.

marcriemer avatar Sep 05 '24 16:09 marcriemer