Summary: | [WebAuthn] pinToken and uv option are mutually exclusive in CTAP2.0 | ||
---|---|---|---|
Product: | WebKit | Reporter: | login Llama <loginllama> |
Component: | WebKit Misc. | Assignee: | Nobody <webkit-unassigned> |
Status: | RESOLVED FIXED | ||
Severity: | Normal | CC: | jiewen_tan, loginllama, nuno.sung, pascoe, tim.cappalli, webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | Safari Technology Preview | ||
Hardware: | iPhone / iPad | ||
OS: | Other | ||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=181943 |
Description
login Llama
2020-07-03 13:04:55 PDT
Let's revisit this once we start implementing CTAP 2.1. CTAP 2.1 RD was updated so that if the platform sends getAssertion with both pinToken and the uv=1 option, then the uv=1 option is ignored. We worked around the problem on the spec/authenticator side. You should however still fix the problem This was fixed in https://bugs.webkit.org/show_bug.cgi?id=232501 and https://bugs.webkit.org/show_bug.cgi?id=213903 Thanks, I am seeing the correct behavior now in Safari 15.2 on OSX and iOS 15.2 |