Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

clarify "authenticator model": RPs may perform feature-based authenticator selection #645

Closed
equalsJeffH opened this issue Oct 13, 2017 · 4 comments
Closed

clarify "authenticator model": RPs may perform feature-based authenticator selection #645

equalsJeffH opened this issue Oct 13, 2017 · 4 comments
Assignees
@equalsJeffH
Labels
stat:pr-open subtype:impl-cons type:editorial
Milestone
Last Working Draft

Comments

@equalsJeffH
Copy link
Contributor

clarify "authenticator model": RPs may perform feature-based authenticator selection with both

  1. navigator.credentials.create() (which invokes webauthn's #createCredential), and
  2. navigator.credentials.get() (which invokes webauthn's #getAssertion).

In (1), options stipulating "require resident key" and "require user verification" are expected to be passed (see also #536, #524), e.g., ultimately to CTAP's authenticatorMakeCredential command.

In (2), options stipulating "require user verification", "require user presence test" are expected to be passed (see also #629, #524), e.g., ultimately to CTAP's authenticatorGetAssertion command.
@equalsJeffH equalsJeffH added this to the CR milestone Oct 13, 2017
@equalsJeffH equalsJeffH mentioned this issue Oct 13, 2017
Closed
@equalsJeffH equalsJeffH mentioned this issue Nov 3, 2017
Closed
@emlun emlun mentioned this issue Nov 6, 2017
Merged
@emlun
Copy link
Member

emlun commented Dec 5, 2017

In (2), options stipulating "require user verification", "require user presence test" are expected to be passed

Current language specifies to always perform a user presence test (unless user verification is performed), so the latter option does not currently exist (as discussed in #629 (comment)).

@selfissued
Copy link
Contributor

This is not actionable without a PR. @equalsJeffH - do you plan to create one soon - ideally during this week's FIDO plenary?

@equalsJeffH
Copy link
Contributor Author

yes i plan to "create one soon" but meeting(s) I'm participating in have priority.

@equalsJeffH equalsJeffH mentioned this issue Feb 7, 2018
Merged
@equalsJeffH
Copy link
Contributor Author

equalsJeffH commented Feb 7, 2018
edited
Loading

fixed by PR #782

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@equalsJeffH equalsJeffH

Labels
stat:pr-open subtype:impl-cons type:editorial
Projects
None yet
Milestone
Last Working Draft
Development

No branches or pull requests
3 participants
@equalsJeffH @emlun @selfissued