|Summary:||YubiKey 5Ci gesture is not recognized by Safari|
|Component:||WebKit Misc.||Assignee:||Nobody <webkit-unassigned>|
|Severity:||Normal||CC:||dwaite, jiewen_tan, webkit-bug-importer|
|Version:||WebKit Nightly Build|
|Hardware:||iPhone / iPad|
|Bug Depends on:|
Description navindra 2020-07-13 12:10:37 PDT
While testing FIDO2 on iOS 14.0 18A5319i with a YubiKey 5Ci, the key LED blinks but Safari does not recognize the activation gesture. The key prompt dialog can only be cancelled. This same key works on the Brave browser on the same phone/OS. I was also able to get Face ID to work for FIDO2 (awesome!) on Safari on the same phone/OS. Please let me know what information I can provide to help debug this.
Comment 1 Jiewen Tan 2020-07-28 01:24:39 PDT
My 5Ci works for me on webauthn.io. Are you using a Yubico internal test device or a production one?
Comment 3 navindra 2020-07-28 02:13:34 PDT
It was a shrink-wrapped production device.
Comment 4 David Waite 2020-07-28 03:04:50 PDT
This may be an issue with the Yubikey being used by the system as an OTP device (fake keyboard) rather than a FIDO2 device. The easiest way to tell if the device is in an active FIDO mode is if the LED is flashing. If you want to experiment with disabling OTP functionality, you can enable and disable functions of the key using the command-line tool at https://www.yubico.com/products/services-software/download/yubikey-manager/ with a desktop or laptop computer.
Comment 5 navindra 2020-08-24 14:09:23 PDT
Thank you for the suggestion! I disabled all interfaces (including OTP) except for FIDO2 but I still have this issue. Why would it work for Brave but not Safari? Brave doesn't have any trouble detecting that I've activated the key.