WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
NEW
219157
[WebAuthn] Current WebAuthn popup dialog text restricts use to sign-in use cases
https://bugs.webkit.org/show_bug.cgi?id=219157
Summary
[WebAuthn] Current WebAuthn popup dialog text restricts use to sign-in use cases
at.brand
Reported
2020-11-19 06:10:32 PST
While the current text shown by Safari during a WebAuthn assertion [navigator.get()] makes sense in the context of a sign-in, it inhibits using the feature for other use cases such as payment authorization or step-up authentication. When invoking WebAuthn during these use cases, the current text displayed on the dialog presented by the browser leads to confusion ("Do you want to sign-in to example.com using
user@example.com
"). Other browsers are using text that is somewhat more generic, enabling such use-cases: * "Use your security key with example.com" * "example.com wants to authenticate you using a registered security key" * "For security, ~application~ needs to verify your identity" Would it be possible to consider displaying a message that is slightly more generic during the navigator.get() operation, enabling additional WebAuthn use cases other than sign-in?
Attachments
Add attachment
proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1
2020-11-26 06:11:15 PST
<
rdar://problem/71749854
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug