Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add authenticatorDisplayName to Step 27 and Step 23 of the registration and authentication ceremonies respectively #2156

Closed
zacknewman opened this issue Sep 26, 2024 · 3 comments · Fixed by #2163
Closed

Add authenticatorDisplayName to Step 27 and Step 23 of the registration and authentication ceremonies respectively #2156

zacknewman opened this issue Sep 26, 2024 · 3 comments · Fixed by #2163
Assignees
@emlun
Labels
stat:pr-open subtype:rp-ops type:technical

Comments

@zacknewman
Copy link
Contributor

zacknewman commented Sep 26, 2024
edited
Loading

#1880 added the optional item authenticatorDisplayName to Credential Record; however it was not added to Step 27 of the registration ceremony nor Step 23 of the authentication ceremony. Seeing how attestationObject and attestationClientDataJSON exist in Step 27, it would be nice to also add authenticatorDisplayName. Honestly, I was under the impression authenticatorDisplayName was only a credProps thing; had it existed in the ceremony criteria section for data to store, I don't think I would have made that mistake.

Something like below would be nice:

The new credential record MAY also include the following OPTIONAL contents:

attestationObject

  response.attestationObject.

attestationClientDataJSON

  response.clientDataJSON.

authenticatorDisplayName

  clientExtensionResults.credProps.authenticatorDisplayName or RP-provided value.
@timcappalli
Copy link
Member

authenticatorDisplayName is likely going to be removed from the spec. But if it stays, this is valid.

@zacknewman
Copy link
Contributor Author

authenticatorDisplayName is likely going to be removed from the spec. But if it stays, this is valid.

Really? #2151 was just opened yesterday.

@emlun
Copy link
Member

emlun commented Sep 30, 2024

Even though credentialRecord/authenticatorDisplayName was added in #1880 along with credProps.authenticatorDisplayName, we should still recommend RPs to provide some way for users to set a "nickname" for their credentials, even if credProps.authenticatorDisplayName is deleted. So I think this is valid regardless of the outcome of that discussion.

Really? #2151 was just opened yesterday.

Yes, the sentiment in favour of dropping credProps.authenticatorDisplayName came up in discussions at TPAC shortly after #2151 was opened.

@emlun emlun self-assigned this Sep 30, 2024
@emlun emlun mentioned this issue Sep 30, 2024
Merged
@timcappalli timcappalli mentioned this issue Oct 23, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@emlun emlun

Labels
stat:pr-open subtype:rp-ops type:technical
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add [credential record/authenticatorDisplayName] handling to RP operations w3c/webauthn
3 participants
@emlun @timcappalli @zacknewman