davidearl / webauthn

An implementation of webauthn in PHP on the server side (e.g. Yubico 2 and Google Titan keys)
https://webauthn.davidearl.uk
MIT License
130 stars 24 forks

Thank you #5

Closed boredom2 closed 5 years ago

boredom2 commented 5 years ago

Hi there,

Thanks for that really useful and comprehensive work, I appreciate it a lot :) Everything works fine and I was able to implement it as we needed it. One last thing though - is it possible to extract any kind of information of "what kind of device" this is? Maybe the manufacturer, model, or at least type (USB, fingerprint etc.)? Is this somewhere hidden in the returned encrypted strings?

Thanks! Christoph

davidearl commented 5 years ago

Hello Christoph,

Thanks for the kind words. I'm not aware of anything in what's returned from the browser API that tells you about the device they used. It is possible to limit the device connections it will accept (USB, near field etc).

I based this implementation loosely on https://webauthn.bin.coffee/ which is a purely client side implementation so pretty much useless other than as a demo, or perhaps using node.js. But that page shows you some of what is returned and could be adapted to do a complete dump when it reads the device. Equally you could put a debugger breakpoint at the crucial points (primarily the start of the promise resolution functions for the navigator.credentials methods) in my code and examine the output from the device (or, rather, the browser's take on it). But I don't recall seeing anything from when I did it.

David
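Added example, not part of the thread or of the project's code: a dump of the fixed-layout fields of the authenticator data returned at registration, the kind of inspection the comment above describes. The field offsets follow the WebAuthn authenticator data structure; `dumpAuthenticatorData` and `buildSample` are hypothetical names, and the sample bytes are constructed.

```javascript
// Flag bits in byte 32 of authenticatorData (WebAuthn spec).
const FLAGS = { UP: 0x01, UV: 0x04, AT: 0x40, ED: 0x80 };

const hex = (bytes) =>
  Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");

// Hypothetical helper: decode rpIdHash, flags, signCount and, when the AT flag
// is set, the AAGUID (authenticator model identifier) and credential ID.
function dumpAuthenticatorData(authData) {
  const bytes = authData instanceof Uint8Array ? authData : new Uint8Array(authData);
  if (bytes.length < 37) throw new RangeError("authenticatorData shorter than 37 bytes");
  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
  const flags = bytes[32];
  const out = {
    rpIdHash: hex(bytes.subarray(0, 32)),
    userPresent: (flags & FLAGS.UP) !== 0,
    userVerified: (flags & FLAGS.UV) !== 0,
    signCount: view.getUint32(33, false), // big-endian counter
    aaguid: null,
    modelDisclosed: false,
    credentialId: null,
  };
  if (flags & FLAGS.AT) {
    if (bytes.length < 55) throw new RangeError("truncated attested credential data");
    const idLen = view.getUint16(53, false);
    if (bytes.length < 55 + idLen) throw new RangeError("credential ID overruns buffer");
    const a = hex(bytes.subarray(37, 53));
    out.aaguid = [a.slice(0, 8), a.slice(8, 12), a.slice(12, 16), a.slice(16, 20), a.slice(20)].join("-");
    // An all-zero AAGUID carries no model information; this example reports it as undisclosed.
    out.modelDisclosed = a !== "0".repeat(32);
    out.credentialId = hex(bytes.subarray(55, 55 + idLen));
  }
  return out;
}

// Constructed sample: UP+AT flags, signCount 7, 4-byte credential ID.
// The COSE public key that follows in a real response is omitted.
function buildSample(aaguidByte) {
  const buf = new Uint8Array(37 + 16 + 2 + 4);
  buf.fill(0xaa, 0, 32);          // placeholder rpIdHash
  buf[32] = FLAGS.UP | FLAGS.AT;
  buf[36] = 7;                    // signCount = 7
  buf.fill(aaguidByte, 37, 53);   // constructed AAGUID
  buf[54] = 4;                    // credential ID length = 4
  buf.set([0xde, 0xad, 0xbe, 0xef], 55);
  return buf;
}
```
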

davidearl commented 5 years ago

If you find a solution, feel free to make a pull request, or add notes here.

One option if the device doesn't itself tell you is to let the user give a name to their device when they register it. On the other hand, I wouldn't expect many users to have more than one key!

In the meantime, closing this one.

Nexulo commented 4 years ago

Any news about that? Yubico explains here https://developers.yubico.com/U2F/Attestation_and_Metadata/ how device data is transferred. Isn't that helpful?

davidearl commented 4 years ago

Not really, it's Yubico only, not webauthn.