webauthn
webauthn copied to clipboard
w3c
Web Authentication: An API for accessing Public Key Credentials
_This is not intended for level 3._ ## Proposed Change I have added an [explainer](https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Ambient-Signin-UI) to the wiki proposing a new UI mechanism and a way for sites to trigger...
This is an alternative to PR #2020 and does not rely on a single arbitrary string provided by the relying party. It instead allows the platform and the authenticator to...
The motivation behind both [`AuthenticatorAttestationResponseJSON.publicKey`](https://w3c.github.io/webauthn/#dom-authenticatorattestationresponsejson-publickey) and [`AuthenticatorAttestationResponseJSON.publicKeyAlgorithm`](https://w3c.github.io/webauthn/#dom-authenticatorattestationresponsejson-publickeyalgorithm) is the same: [easy access to credential data](https://w3c.github.io/webauthn/#sctn-public-key-easy). For good reason though, `AuthenticatorAttestationResponseJSON.publicKey` is not required since technically such data exists in the...
These suggestions were pulled out of a comment I made in https://github.com/w3c/webauthn/issues/2062#issuecomment-2093823953. This new issue pulls out the five new errors I'm proposing we add to WebAuthn to help restart...
## Description By the 20th, we need to confirm our availability for the TPAC face-to-face meeting. For now, we have the following proposal: - 2 sessions: I prefer Tuesday or...
https://w3c.github.io/webauthn/#sctn-createCredential says > The client MUST set BOTH requireUserPresence and requireUserVerification to FALSE when options.[mediation](https://w3c.github.io/webappsec-credential-management/#dom-credentialcreationoptions-mediation) is set to [conditional](https://w3c.github.io/webappsec-credential-management/#dom-credentialmediationrequirement-conditional) unless they may explicitly performed during the ceremony. However then that...
This specifies the behaviour of the `mediation: 'immediate'`. Issue: https://github.com/w3c/webauthn/issues/2228 Explainer: https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-immediate-mediation Parallel PR adding the enum to Credential Management: https://github.com/w3c/webappsec-credential-management/pull/272 *** Preview | Diff
The recently added section [18.1. Changes since Web Authentication Level 3 Working draft 2 [webauthn-3-20250127]](https://w3c.github.io/webauthn/#changes-since-l3-wd2) states: >_These changes will be merged into the next section when finalizing Level 3. Changes...
This addresses #1643: > We request that you do the following: > > * Remove the in-field encoding of language metadata using Unicode tag characters > * Remove the in-field...
Write an explainer for Level 4 about what we're trying to accomplish
