--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAL9PXLyy%2BAWyF76S9puw3TsQB8bTbj87PjG%3DAti3vyULzv7wvQ%40mail.gmail.com.
will with all of this also CTAP2 maybe be supported on android (and if not already, chrome OS)?
Attestation is optional. Not all authenticators provide them.
From the WebAuthn perspective, there is no difference between a discoverable credential in a pre-passkey world and a "passkey" (aka multi-device passkey, aka multi-device credential). "passkey" is just an end user friendly term for a WebAuthn or FIDO credential, e.g. the thing that replaces a "password".
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/f60dd3e7-2337-4f10-b49f-315e4bb665d6n%40fidoalliance.org.
Correct (just be aware that you may receive an AAGUID of all zeroes).
tim
Yes, attestations are a good thing. What the attestation represents is changing a bit in the new multi-credential world.
An attestation for a multi-device credential ultimately represents the virtual authenticator, which in the case of platforms that sync, is the sync fabric. The DPK's attestation represents the local authenticator.
Some platforms may not provide attestation at launch of multi-device credentials. Even without an attestation, a passkey / multi-device credential is still better than a password.
Emil Lundberg
Software Engineer | Yubico
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/774371dc-1b42-440c-83ae-3e2dc94d1364n%40fidoalliance.org.
but there's no reason you couldn't for example have a software authenticator with exportable keys
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CANMnvkwPvQrrrK4kn%3DzRh-Bb%2BFzE2vJWHMHMoBuTqmqnDTCcmg%40mail.gmail.com.
Tim Cappalli | m: +1 (617) 701-7149 • @timcappalli
did:ion:EiBgPHSLu66o1hQWT7ejtsV73PfrzeKphDXpgbLchRi32w
Two things:1."Auto-fill integration with passkeys is currently behind a flag in Chrome on some platforms, and we demoed it at the RSA Conference last week."
Does this mean that any third party "authenticator app", like Authy, BitWarden or 1Password, can be selected for supplying and managing Multi-device FIDO credentials on Android?
Also, is there a link you could share were this demo can be viewed?
2. In your reply to My1 below you answer: "CTAP2 security keys are fully supported on Chrome OS. Support on Android is desired, but I'm afraid that I don't have a specific timeline that I can share."I cannot stress enough how highly desirable support for discoverable credentials (resident keys) as specified in CTAP2 on Android would be. Being able to perform fast, as in FIDO, usernameless authentication is such a great user experience compared to having to tap in a long username for every authentication event. Especially in environments where Android devices are shared and Identity cannot be bound to the device. An update regarding this support would be great information.
SLM how are you and how your body
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+unsubscribe@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAL9PXLyy%2BAWyF76S9puw3TsQB8bTbj87PjG%3DAti3vyULzv7wvQ%40mail.gmail.com.
Tim Cappalli | m: +1 (617) 701-7149 • @timcappalli
did:ion:EiBgPHSLu66o1hQWT7ejtsV73PfrzeKphDXpgbLchRi32w
Will the implementation support Backup Eligibility flags?
My understanding is that if requireResidentKey is not set to true or even set at all, then the created credential will be non-discoverable. And if requireResidentyKey is set to true, then the credential will be a discoverable passkey. Is this correct?
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/3387677a-aa77-46df-a556-101ea4f517f9n%40fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/92de27c1-397e-41d4-ad47-2b6e97c4e150n%40fidoalliance.org.