kryptco / kr-u2f

DEPRECATED A Browser extension that lets you use your phone as a U2F/WebAuthN Authenticator for strong, unphishable 2FA.
https://krypt.co

Support CTAP2 #26

Open jasperweiss opened 5 years ago

jasperweiss commented 5 years ago

Chrome and Firefox now use the Windows web authentication API on Windows 10 build 1903 rather than talking to U2F devices directly. This allows the user to use platform keys (e.g. Windows Hello), CTAP2 or U2F keys.

This causes funny behavior when using Krypton. The requests are received by the app, but Windows simultaneously shows a dialog prompting the user to insert their key or enter their PIN, which stays open even after the user has accepted the prompt on the app. The web authentication API is unaware of Krypton intercepting the requests.

This could be solved if Krypton acted as a CTAP2 credential provider rather than a browser extension that intercepts the U2F requests.

danielskowronski commented 5 years ago

In Firefox 69.0.1 on Win10 build 1903 (18362.356) it's even worse - the Windows API is called in blocking mode, so no JS code, including plugins, can intercept the request. Sadly, this breaks the Firefox plugin entirely.

daegalus commented 5 years ago

I am rebinding my keys right now on a new phone and this is causing me a lot of problems. Seems the KR browser extension needs to be re-architected for this, or make a Windows-side thing that runs on Windows and handles the integration.

agrinman commented 4 years ago

Just pushed v1.0.18. Can anyone confirm if this is still an issue?