Sabarinathan Eaganathan <mail2sa...@gmail.com>: Dec 08 03:28AM -0800
HI all,
In our service we are giving Yubikey as second factor already,and now we
given support for configuring Passkey as first factor. How to stop
configuring Passkey(Mobile based security key)
...more
|
My1 <teamhyd...@gmail.com>: Dec 08 12:48PM +0100
shouldnt setting cross-plat do the trick, as I would expect a passkey to be
platform by definition.
Am Do., 8. Dez. 2022 um 12:28 Uhr schrieb Sabarinathan Eaganathan <
...more
|
Sabarinathan Eaganathan <mail2sa...@gmail.com>: Dec 08 05:41AM -0800
Hi ,
Replying to above thread,we need QR based passkey configuration which can
be done via Mobile which is cross-platform authenticator type. So, we cant
seperate this via 'platform'
...more
|
Tim Cappalli <Tim.Ca...@microsoft.com>: Dec 08 03:07PM
You can reject a registration for authenticators that do not meet your requirements (by looking at attestations).
From: fido...@fidoalliance.org <fido...@fidoalliance.org> on behalf of
...more
|
Sandeep Dhankar <sandeep...@okta.com>: Dec 08 07:31AM -0800
The Paaskeys do not have attestation and without that it is not possible to
identify the Authenticator reliably. However assuming that the
Authenticator is following the spec, it should be setting
...more
|
Tim Cappalli <Tim.Ca...@microsoft.com>: Dec 08 03:33PM
Yes, and if you only want to allow Yubikeys, reject any registrations that are not Yubikeys (which would include those without attestations).
(Disclaimer: not something I would recommend.
...more
|
Cody Salas <c.s...@yubico.com>: Dec 08 11:55AM -0600
If there's interest, Yubico has some material around this use case -
https://developers.yubico.com/WebAuthn/Concepts/Authenticator_Management/
...more
|