Does anyone know how is it possible for example to ask Windows WebAuthn to not look after NFC authenticator?There should be somewhere in registry etc to configure this to only allow USB interface for example.
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAE8gTaEam2vbRJ5MMbYDoULXTDrpBdd2uxEi84BJLXFb4Rbzdg%40mail.gmail.com.
THALES GROUP LIMITED DISTRIBUTION to email recipients
Let me guess, for clarification purpose,
You have PKI smartcards plugged in the contact reader of the machines you are managing, with a PKCS#11/CSP middleware, and you’re wondering why or how to handle Windows Hello triggering cold reset of the smartcard reader when a FIDO request comes in?
Unfortunately, this is how WinSCard/PCSC is expected to behave. If it is so, you should seek if your middleware can be configured to use exclusive mode, which would prevent Windows Hello from accessing any card supported by the middleware.
Best regards,
|
|
Thomas Duboucher (he/him) |
Embedded Security Specialist |
Digital Identity and Security Thales |
|