Chrome dev channel support for WebAuthn

[Christiaan Brand]

Dear FIDO2 beta tester,

Good news! Chrome's dev channel now has experimental support for WebAuthn + FIDO2. 

Caveats:

• This only works on Desktop versions
• We only implement CTAP1.2 today, that means only existing external USB "U2F" tokens will work
• You have to invoke Chrome with the flag: --enable-features=WebAuthentication or navigate to chrome://flags and enable "Web Authentication API" (restart required).
• This is based on the latest (WD07) version of the WebAuthn spec

You will be able to test this against Google's webauthndemo.appspot.com demo WebAuthn/FIDO2 server.

Regards,

Christiaan

[Christiaan Brand]

it shouldn't be, right Kim?

On Wed, Jan 24, 2018 at 2:12 PM, Brad Hill <hill...@gmail.com> wrote:

Cbristiaan, is the API origin-locked to that demo server?

--
You received this message because you are subscribed to the Google Groups "google-fido2-beta" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-fido2-beta+unsubscribe@googlegroups.com.
To post to this group, send email to google-fido2-beta@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-fido2-beta/CAE1XR1ng0%2B-q6y-9EUnDOuxyw%2BTENVRFqnCtE6ayDVtaJ-uq9w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Christiaan Brand]

For those who didn't get Kim's response: It's not origin-locked... should work with any secure origin.

[Christiaan Brand]

Okay - correction: please use the Canary versions for now. It's not quite in Dev yet.

[Kris Vandermast]

Dear Christiaan,

Awesome step forward! Thanks for pointing out odat only CTAP1.2 will be supported. How about other protocols, e.g. BLE/NFC? Is there a known roadmap for these?

Thanks,

Kris

[Mitul Vanasiwala]

Hi Christian,

Can you please share any latest update on this? Will CTAP2 over BLE witll work with cross platform authenitcator (Android / IOS Device)

Request to help me with the use case of a user running a web application on their laptop or desktop and wants to use a smartphone as the cross-platform authenticator.

• User will attempt to sign-in (would enter username) into our web application from their laptop or desktop browser (using Chrome, Mozilla, Safari)
• There will be an option "Use Phone as security key"
• Once the user would click this option, the user will be prompted on their smartphone for a fingerprint scan or a PIN or face recognition.
• Upon successful verification, the user would be logged in to our web application.

Please help me understand the process for setting up a smart-phone as a cross-platform authenticator? Is this a use case that Web Authentication supports?

Regards,

Mitul V

[Martin Kreichgauer]

Chrome does not support CTAP2 over BLE. We in the Chrome team are working on making phones usable as security keys, but have nothing to announce in that area at the moment.

Cheers,

Martin Kreichgauer

Disclaimer: Privileged & confidential information is contained in this message (including all attachments). If you are not an intended recipient of this message, please destroy this message immediately and kindly notify the sender by reply e-mail. Any unauthorized use or dissemination of this message in any manner whatsoever, in whole or in part, is strictly prohibited. This e-mail, including all attachments hereto, is for discussion purposes only and shall not be deemed or construed otherwise unless expressly stated. Any views or opinions presented in this email are solely those of the author and do not necessarily represent that of NJ Group of Companies. This communication, including any attachments may not be free of viruses, interceptions or interference, and may not be compatible with your systems. You should carry out your own virus checks before opening any attachment to this e-mail. The sender of this e-mail and NJ Group of Companies shall not be liable for any damage that you may sustain as a result of viruses, incompleteness of this message, a delay in receipt of this message or computer problems experienced. This message has been scanned for viruses and dangerous content by NJGroup Email Server, and is believed to be clean.

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/86a78274-492b-4f2e-8292-2b0fb57393e1n%40fidoalliance.org.