search

MasterKale / SimpleWebAuthn

WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers, Node, Deno, and more.
https://simplewebauthn.dev
MIT License
1.62k stars 137 forks source link

Reduce number of default credential algorithms #360

Closed MasterKale closed 1 year ago

MasterKale commented 1 year ago

Describe the issue

I include too many credential algorithms in the default value of generateRegistrationOptions()'s supportedAlgorithmIDs argument. Based on guidance that I added to the WebAuthn spec, I can safely narrow the list down to the following algorithms:

-8 (Ed25519) -7 (ES256) -257 (RS256)

Additional algorithms can still be supported, this will merely be a pruning of the defaults.

MasterKale commented 1 year ago

This has gone out in @simplewebauthn/server@7.2.0 🚀