Matthew Miller
Matthew Miller
Update: this method is being removed from WebAuthn in https://github.com/w3c/webauthn/pull/1936, but there's no reason I couldn't still add a method of this name to this project using the proposed `getClientCapabilities()`...
I try to avoid "me too" comments but I really like the idea of a callback for `challenge` for JIT querying for a challenge. It'd nicely solve the challenges lifetime...
It's been a while since this issue was opened, and we've come a long way since then especially now that we have a site like https://passkeys.dev to capture use of...
Reviewing this issue, I suspect the Abstract has been fine all along. The word "authenticators" links to here... https://www.w3.org/TR/webauthn-2/#authenticator Which states the following (emphasis mine): > A cryptographic entity, existing...
I'm second-guessing myself a bit because being able to "clone" credentials across authenticators vis-a-vis airdropping credentials between iCloud accounts seems to conflict with even the authenticator abstraction model.
Reopening this to review the current definition of Authenticator in the spec and update it to reflect the current times. @nicksteele will take on that task.
**WAWG Meeting @ Aug 30:** PR #1931 addressed part of my original issue, but I think there's more work needed to properly update the spec's Abstract. @timcappalli and I will...
I'm going through issues assigned to me and this one hasn't had any activity in over a year (aside from editing milestones.) I think we should consider closing this out...
It's time to close this out.
Windows Hello still uses RS256, and of course it won't be an overnight transition to anything else even if Microsoft's passkeys support flips Windows over to using ES256 exclusively. RP's...