In #24 a way for the authenticator to force UV for specific passkeys was added. This coincides with the credProtect authenticator extension's functionality. Once we have extension infrastructure in main we can migrate the out-of-band way to force UV to using CredProtect.
This has the added benefit of letting the RP know that these specific keys are backed by UV at every authentication. This can be appreciated by the RPs that care about it.
In #24 a way for the authenticator to force UV for specific passkeys was added. This coincides with the
credProtectauthenticator extension's functionality. Once we have extension infrastructure in main we can migrate the out-of-band way to force UV to usingCredProtect.This has the added benefit of letting the RP know that these specific keys are backed by UV at every authentication. This can be appreciated by the RPs that care about it.