fido2-net-lib
Browser seems to ignore residentKey=preferred
I am using a YubiKey which is able to store credentials. I tested using the current versions of Firefox, Chrome and Edge on Windows 10 and 11. All behave the same.
Scenario one: Use the custom page from the demo project, and set the following register properties:
Attestation type: direct
Authenticator: not specified
User verification: preferred
resident key: required
The browser/OS guides through setup and the dialog indicates that resident credentials really are created. On the demo page I can log in either using Go Usernameless or Go Passwordless.
Scenario two: Use the custom page from the demo project, and set the following register properties:
Attestation type: direct
Authenticator: not specified
User verification: preferred
resident key: preferred <-----
The browser/OS guides through setup and the dialog now does not indicate that resident credentials are created. On the demo page I can only log in using passwordless but not usernameless. I would expect that resident credentials are created because preferred is specified and the key supports it (ResidentKeyRequirement). I guess it's not a problem of fido2-net-lib, but maybe you could share your thoughts on how you deal with it? Do we just accept it? :) The only option, user-unfriendly in my opinion, is to allow the user to choose the parameter. Try with required; if it does not work, try preferred/discouraged.
On the other hand, using an Android phone with Chrome correctly respects residentKey preferred and sets up a resident credential. The Android phone was the reason for me to wish that fido2-net-lib supports the residentKey parameter.
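
One way a relying party can handle the behaviour described above, as an added example that is not part of the original post or of fido2-net-lib: request the WebAuthn `credProps` extension together with `residentKey: "preferred"`, and offer usernameless login only when the client reports `rk: true`. The function names and the sample extension results are constructed for illustration.

```javascript
// Added example; buildCreationOptions and loginModesFor are hypothetical helpers.

// Merge the server-issued options (challenge, rp, user, pubKeyCredParams)
// with the authenticator selection used in the two scenarios above.
function buildCreationOptions(serverOptions, residentKey) {
  return {
    ...serverOptions,
    attestation: "direct",
    authenticatorSelection: {
      userVerification: "preferred",
      residentKey, // "required" | "preferred" | "discouraged"
      // Legacy WebAuthn Level 1 member, the only one older clients read.
      // It is a boolean, so it can be true only for "required".
      requireResidentKey: residentKey === "required",
    },
    // Ask the client to report whether the new credential is discoverable.
    extensions: { ...(serverOptions.extensions || {}), credProps: true },
  };
}

// Decide which login flows to offer for a credential, based on what
// credential.getClientExtensionResults() returned at registration time.
function loginModesFor(clientExtensionResults) {
  const rk = clientExtensionResults?.credProps?.rk;
  if (rk === true) {
    return { discoverable: "yes", usernameless: true, passwordless: true };
  }
  if (rk === false) {
    return { discoverable: "no", usernameless: false, passwordless: true };
  }
  // credProps missing or rk omitted: the client did not say. Do not
  // advertise usernameless login until one such assertion has succeeded.
  return { discoverable: "unknown", usernameless: false, passwordless: true };
}

// In a browser (not executed here):
//   const cred = await navigator.credentials.create({ publicKey: options });
//   const modes = loginModesFor(cred.getClientExtensionResults());

// Constructed sample results for the three cases.
const SAMPLE_RESULTS = {
  residentCreated: { credProps: { rk: true } },
  nonResident: { credProps: { rk: false } },
  clientSilent: {},
};
```

Storing the reported value next to the credential lets the site show the usernameless option only to users who can actually use it, instead of asking them to pick the residentKey parameter themselves.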