Bug 236698

As a registered user in http://admin.gandi.net , when registering a new security key for the account using TouchID WebAuthn in account security settings, the registration fails with error. Reproduction: 1. In account security settings, "Manage your security key authentication" 2. In Register your security key: enter New token name: (I used "jessi TouchID", should not matter) 3. Do you want to allow “gandi.net” to use Touch ID? Or you can use a security key. : Ok. 4. Safari: "Safari" would like to use Touch ID for "gandi.net". Touch ID to allow this. Actual behavior: 5. Error dialog: "The operation can’t be completed. Expected behavior: 5. Successful registration. The gandi.net WebAuthn registration works however on iOS (15.3.1) using FaceID. I did some investigation using Inspector and obtained the parameters for publicKey Object = $4 O publickey: Object S attestation: "direct" >O challenge: Uint8Array [ ... ] (32) >O excludeCredentials: [Object, Object, Object] (3) >O extensions: {appidExclude: "https://account.gandi.net/api/u2f/trusted_facets.ison"] >O pubKeyCredparams: [ ... ] >O rp: {id: "gandi.net", name: "Gandi.net"} https://twitter.com/joneskoo_yx/status/1492921076841603074?s=20 I can reproduce the error message if I go to https://webauthn.io and register selecting attestation: direct. I believe the cause for the failure on Mac (but not iOS) may be that gandi sets in registration options: attestation: direct.