webauthn icon indicating copy to clipboard operation
webauthn copied to clipboard

Published 20 hours ago verified publisher icon w3c

FIDO credential decommissioning

Open jdenghifive opened this issue 3 years ago • 3 comments

FIDO credential decommissioning (with 3 cases) is specified in clause 1.3.5. However no API is defined yet for that end. Would like to raise the issue and request discussions here. The specified three uses cases ought to covered, and accomodate both credential types (client-side and server-side).

jdenghifive avatar Feb 09 '22 14:02 jdenghifive

We have discussed this several times now and have chosen not to proceed down this path.

nadalin avatar Feb 09 '22 15:02 nadalin

on 9-Feb-2022 call: @agl notes that the "Report signaling" section of https://github.com/w3c/webauthn/wiki/Explainer:-broadening-the-user-base-of-WebAuthn#report-signaling speaks to the needs being expressed here (although presently there is no consensus regarding actually developing and incorporating such functionality in the spec).

on 23-Feb-2022 call: we are awaiting response from @jdenghifive.

equalsJeffH avatar Feb 09 '22 21:02 equalsJeffH

on 9-Mar-2022 call: Not having heard back from @jdenghifive, we've triaged this to the "futures" milestone for future consideration.
@agl noted that the "report signaling" section of the explainer (linked in the comment above) continues to be, in general, an interesting idea that the working group should consider when it has the cycles.

equalsJeffH avatar Mar 09 '22 21:03 equalsJeffH

closing to consolidate discussions on this topic. please continue discussions here: https://github.com/w3c/webauthn/issues/1967

timcappalli avatar Sep 19 '23 19:09 timcappalli