webauthn
webauthn copied to clipboard
w3c
Web Authentication: An API for accessing Public Key Credentials
In an examples 1, 3 and 4 in section 1 there is a comment associated with the challenge: ``` /* 29 more random bytes generated by the server */ ```...
## Proposed Change Describe your proposed change. If you have suggested text, please file a corresponding Pull Request. The current WebAuthn text uses options enterprise to set enterpriseAttestationPossible state to...
[§3. Dependencies](https://w3c.github.io/webauthn/#sctn-dependencies) states that >This specification relies on several other underlying specifications, listed below and in [Terms defined by reference](https://w3c.github.io/webauthn/#index-defined-elsewhere). It also states, for example: >**HTML** >The concepts of [browsing...
## Proposed Change Following on from the discussion held at the TPAC face-to-face in Vancouver... In order to ensure consistent capability from the autofill UI, there is a desire for...
## Proposed Change https://github.com/w3c/webauthn/blob/main/index.bs#L983 Currently this text states: ``` :: A [=Public Key Credential Source=]'s [=generating authenticator=] determines at creation time whether the [=public key credential source=] is allowed to...
While crawling [Web Authentication: An API for accessing Public Key Credentials - Level](https://w3c.github.io/webauthn/), the following links to other specifications were detected as pointing to non-existing anchors, which should be fixed:...
I have found it difficult to understand what Discoverable credentials really means and how credentials could be discovered from just a RP ID. I read the https://www.w3.org/TR/webauthn-3/ specification and reviewed...
supporting security keys or platform authenticators to show the transaction. Also supports the platform to show the transaction text. If the client displayed the transaction text but not the authenticator...
How to guarantee created resident key is actually received by RP in adverse networking conditions?
I've noticed that under adverse network conditions (very common on mobile phones; especially in rural areas) it can happen quite often that the `navigator.credentials.create` call succeeds but the credential never...
Fixes #1994. *** Preview | Diff