Difference between revisions of "Web Authentication Levels"
From MgmtWiki
| Line 1: | Line 1: | ||
==Full Title== | ==Full Title== | ||
| − | [[Web Authentication Level 2]] <ref>Dirk Balfanz + 19, ''Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30'' https://www.w3.org/TR/webauthn-2/#iface-pkcredential</ref>enables the creation and use of strong, attested, scoped, public key cred by web applications for strongly authenticating users. | + | [[Web Authentication Level 2]]<ref name=balfanz>Dirk Balfanz + 19, ''Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30'' https://www.w3.org/TR/webauthn-2/#iface-pkcredential</ref> enables the creation and use of strong, attested, scoped, public key cred by web applications for strongly authenticating users. |
==Context== | ==Context== | ||
| Line 6: | Line 6: | ||
* The current draft of the evolving standard is available [https://www.w3.org/TR/webauthn-2/ here]. | * The current draft of the evolving standard is available [https://www.w3.org/TR/webauthn-2/ here]. | ||
==Normal Flow== | ==Normal Flow== | ||
| − | # | + | Web Authentication API <ref name=balfanz /> Section 5 |
| − | + | *Registration | |
| + | # Challenge, user info, RP info | ||
| + | # RP ID, client data hash | ||
| + | *Authentication | ||
| + | # Challenge | ||
| + | # RP ID, client data hash | ||
==Referrences== | ==Referrences== | ||
Revision as of 21:50, 26 October 2020
Contents
Full Title
Web Authentication Level 2[1] enables the creation and use of strong, attested, scoped, public key cred by web applications for strongly authenticating users.
Context
- This is designed for web applications, not native applications.
- The current draft of the evolving standard is available here.
Normal Flow
Web Authentication API [1] Section 5
- Registration
- Challenge, user info, RP info
- RP ID, client data hash
- Authentication
- Challenge
- RP ID, client data hash
Referrences
- ↑ 1.0 1.1 Dirk Balfanz + 19, Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Working Draft, 2020-07-30 https://www.w3.org/TR/webauthn-2/#iface-pkcredential
