Emil Lundberg

> Wouldn't it be preferable to use "Web Authentication" in full, at least in the user-facing HTML? This is because the form "WebAuthn" doesn't really mean anything to someone who...

Oh, I see, it does show up in the raw log view. All I saw in the job view was this, so I assumed the whole build was borked: ...

I'll need some help troubleshooting the Windows/Mac failures. It is consistently the `TestWebauthnConfigChanges/Can_edit_*` tests that fail, most likely because they make config changes and therefore cause the test server to...

Alright, I think I found out why the tests were failing: the server shutdown grace period on config changes was a bit too aggressive at 100 ms. :slightly_smiling_face: I made...

Hold that thought - the WebAuthn login flow seems to be broken for some reason :facepalm: even though it does successfully return a session cookie which is sent in subsequent...

Yeah, the [WebAuthn credential state update](https://github.com/syncthing/syncthing/pull/9175/files#diff-f60e2b552ba20a106cc9c98a95695b2dd7c367e67d1373516f12496d7b54625aR287-R305) is causing a server restart because it's changing config, which causes the `tokenManager`s to diverge and lose the newly created token (but curiously the...

I need to [rewrite the state storage](https://github.com/syncthing/syncthing/pull/9175#issuecomment-2106394881) before this'll work properly. I hope to have some time to do this in the next week or so.

You can see in the output: `serial: None`. This is because the Security Key series does not have serial numbers.

@zelch Thanks - you may be right, but the CTAP2 spec is currently underspecified in regards to this. Some background: We had misremembered the WebAuthn spec saying this about the...

Hi! This sounds like a duplicate of issue #274, which is about supporting username-less accounts. There is some experimental support for that available, see the most recent few comments in...