Firstyear
Firstyear
I did test with openssl and it did fail to identify the keys in the manner described in that issue. So yes, could be a dup :) Thank you! Would...
https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential/toJSON
This may already be somewhat resolved by the editors draft where the toJSON interface defines this, but we still should resolve this for users who *don't* call the toJSON interfaces.
toJson gives precedent that we do care about this transport - else we wouldn't need the browser to serialise something and make a promise about the shape of that data.
> The process I've _personally_ followed in library data structures is to follow the format of the output of toJSON exactly, because to my way of thinking that is effectively...
Hi there @duament The short answer is "today - it's not possible". The longer answer is that there are many dimensions here - all of them problematic and bad. We...
PS: If we were to pursue this, we would make it an option in https://github.com/kanidm/webauthn-rs first since that's what we use for webauthn. Currently our "usernameless" flows are hidden/disabled by...
For fun, lets actually do a demo! So here is chrome with a security key during registration: Registration seems fine so far, prompt for what credentials to use, that's all...
Also @duament please don't think my response was intended to be rude - there are a lot of snake oil peddlers in the webauthn space (especially passkeys) right now who...
Related https://github.com/kanidm/webauthn-rs/pull/327