Web Authentication Levels

Full Title

Web Authentication Level 2^[1] enables the creation and use of strong, attested, scoped, public key cred by web applications for strongly authenticating users.

Context

This is designed for web applications, not native applications.
The current draft of the evolving standard is available here.

Normal Flow

Web Authentication API ^[1] Section 5

Registration

Challenge, user info, RP info
RP ID, client data hash

Authentication

Challenge
RP ID, client data hash

Referrences

↑ ^1.0 ^1.1 Dirk Balfanz + 19, Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30 https://www.w3.org/TR/webauthn-2/#iface-pkcredential

[balfanz-1] 1.0 ^1.1 Dirk Balfanz + 19, Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30 https://www.w3.org/TR/webauthn-2/#iface-pkcredential

[1]

Web Authentication Levels

Contents

Full Title

Context

Normal Flow

Referrences

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools

Sidebar Links