New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebAuthn Authenticators are FIDO Authenticators #1128
Comments
The "authenticator" concept in WebAuthn is an abstraction which includes but is not limited to FIDO2 authenticators, and I believe end users are not an intended audience for the spec. I'm not convinced this is an issue that warrants change to the spec. |
Typoe FIDO authr. Or is the assumption that in future there might be non-fido authrs that this API will support? |
Depends on what you mean by FIDO, I suppose (FIDO certified? Communicates over CTAP1/CTAP2/CTAP-N?) - but yes, WebAuthn is designed to work with any authenticator+client combination capable of satisfying the abstract interface. I don't know if Intel's U2F implementation counts as a "FIDO authenticator", for example - at least they make no effort to mention FIDO or U2F on that marketing page. |
By FIDO I mean those which support FIDO protocols.
You mean any authenticator. The client is the webauthn. |
Maybe we need definition for "WebAuthn authenticator" so people don't get confused. |
In that case WebAuthn is definitely not limited to FIDO authenticators - pretty much every platform authenticator will be communicating with the client using something else than a FIDO protocol.
I do mean authenticator+client combination. 🙂 For example, at this moment Chrome on Android is capable of using the security systems in Android as a WebAuthn authenticator but Firefox on Android is not.
Maybe - the current Authenticator could probably use a couple of examples. It's also lacking the alias "WebAuthn Authenticator" that we have for Client, Relying Party etc. |
@emlun jup |
associated PRs were merged, this issue now closed |
There is FIDO2 Authenticators. This is confusing for the enduser.
The text was updated successfully, but these errors were encountered: