Intent to Prototype: WebAuthn remote desktop support

110 views
Skip to first unread message

Martin Kreichgauer

unread,
Apr 6, 2022, 7:22:31 PMApr 6
to blink-dev

Contact emails

mart...@google.com

Explainer

https://github.com/w3c/webauthn/wiki/Explainer:-Remote-Desktop-Support

Specification

https://w3c.github.io/webauthn/

Summary

Allow remote desktop clients to execute WebAuthn requests on behalf of another origin so that users browsing on a remote desktop host or virtual machine can use WebAuthn in those environments.



Blink component

Blink>WebAuthentication

Motivation

Users may want to browse websites that require WebAuthn for authentication on a computer that they can't access physically, like a remote desktop server or a virtual machine. If the remote desktop client is a native app, they can potentially accomplish this already by forwarding raw device access to a USB security key from the local machine to the remote one. This isn't possible for web-based clients however. This feature would enable a web-based remote desktop client, that is explicitly trusted by the user or their enterprise administrator, to make WebAuthn requests on behalf of another site authenticating the user on a remote host.



Initial public proposal

https://github.com/w3c/webauthn/issues/1577

TAG review



TAG review status

Pending

Risks



Interoperability and Compatibility



Gecko: No signal

WebKit: No signal

Web developers: No signals

Other signals: (Not an explicit signal of support, but there are various remote/virtual desktop clients that are implemented as native apps and support device pass-through, which effectively enables the use case.)

WebView Application Risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?



Debuggability



Is this feature fully tested by web-platform-tests?

No

Flag name



Requires code in //chrome?

True

Estimated milestones

No milestones specified



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5153848187420672

This intent message was generated by Chrome Platform Status.
Reply all
Reply to author
Forward
0 new messages