Tim Cappalli
Tim Cappalli
These scenarios are planned to be addressed by: https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Report-API-explainer
If Ubuntu has the concept of a restricted WebView for auth and it could be spawned at the system login screen, this should be possible.
@christiaanbrand or @rlin1 can you join a WebAuthn WG call in March to discuss this?
2025-03-26 WG call: this hasn't been discussed in quite some time, and the last time it was discussed there were concerns around untrusted text in a trusted UI. Planning to...
Recommend changing the title to "Digital Credentials API" to cover native and app2app use cases.
Regardless of which way we go here, we will need to provide guidance on how to fall back from the Digital Credentials API (please stop referring to it as "browser...
They would be dependencies only for one option. The alternative does not have those dependencies. So no, I don't think that's an issue.
> Like this idea - as a second iteration of this it could be nice to be able to have users authenticate through some SSO or LDAP service rather than...
Storing the RP ID is valuable for identifier-first flows in brownfield/existing deployments as covered here: https://passkeys.dev/docs/advanced/related-origins/#existing-deployments It is not needed for greenfield deployments where a common RP ID is used...
> Client doesn't support the requested extension Two things re: extensions: 1. Extensions are optional, so a WebAuthn ceremony will not fail because of an extension. If you request one...