Difference between revisions of "Web Authentication Levels"
From MgmtWiki
(→Context) |
(→Referrences) |
||
Line 20: | Line 20: | ||
==Referrences== | ==Referrences== | ||
− | + | <references /> | |
− | + | ===Other Material=== | |
+ | * See also wiki page [[WebAuthN 2]] | ||
[[Category: Authentication]] | [[Category: Authentication]] | ||
[[Category: Standard]] | [[Category: Standard]] |
Revision as of 10:05, 23 April 2021
Full Title
Web Authentication Level 2[1] enables the creation and use of strong, attested, scoped, public key cred by web applications for strongly authenticating users.
Context
- This is designed for web applications, not native applications.
- The current draft of the evolving standard is available here.
Glossary
- Authenticator protects public key credentials, and interact with user agents to implement the Web Authentication API. Implementing compliant authenticators is possible in software executing (a) on a general-purpose computing device, (b) on an on-device Secure Execution Environment, Trusted Platform Module (TPM), or a Secure Element (SE), or (c) off device. Authenticators being implemented on device are called platform authenticators. Authenticators being implemented off device (roaming authenticators) can be accessed over a transport method.
Normal Flow
Web Authentication API [1] Section 5
- Registration
- Challenge, user info, RP info
- RP ID, client data hash
- User verification, new key pair
- Authentication
- Challenge
- RP ID, client data hash
- User verification
Referrences
- ↑ 1.0 1.1 Dirk Balfanz + 19, Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30 https://www.w3.org/TR/webauthn-2/#iface-pkcredential
Other Material
- See also wiki page WebAuthN 2