Indicates the respective authenticator can be contacted using a combination of (often separate) data-transport and proximity mechanisms. This supports, for example, authentication on a desktop computer using a smartphone.
internalIndicates the respective authenticator is contacted using a client device-specific transport, i.e., it is a platform authenticator. These authenticators are not removable from the client device.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/BYAPR00MB0471DF43FF2A50AC110AD0D795D09%40BYAPR00MB0471.namprd00.prod.outlook.com.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/B8531428-97EF-451B-A274-E5E4844124D6%40ve7jtb.com.
Ok, I had misunderstood the meaning of transports, my assumption was it reported the transport under which the credential was created.What I understand now is that the various manners in which that specific credential can be accessed. In our products case, a credential could be accessed via internal and hybrid - the fact that it can be accessed by "other means" via a browser extension is just an implementation detail of our product and should not impact anything around platforms nor RPs (they should not care). Our product would only serve credentials it knows about, and refer to the OS/browser for all other cases.
We will report "internal, hybrid".
Not sure why my messages keep getting deleted, if someone is deleting them for some reason, please let me know the reason. - rew.islam at dashlane.com