Closed devinjelliot closed 11 months ago
dagnelies
commented
11 months ago Yeah, that makes sense. I'll make it optional in the next release. Mac book / iPhone are devices lacking proper tested since I do not own these. Btw, could you please share the post of the screenshot above?
dagnelies
commented
11 months ago As usual, the spec is ambiguous and the OS platforms do what they want 😮💨
Authenticators SHOULD implement a signature counter feature.
devinjelliot
commented
11 months ago FWIW this is THE ONLY link I can find that discusses the counter with respect to MacOS anywhere. I'm still digging more today.
apple support comment on counter
Follow up question, have you tried to use or tested out largeBlob support through this?
dagnelies
commented
11 months ago Well, since even the "standard part" of protocol is already supported in a very inconsistent way across the various platforms, I'm personally not inclined to dive into the optional extensions.
devinjelliot
commented
11 months ago That's understandable. I had been under the impression this support was more broad when I started adopting this. I think it's still acceptable for my project, but I do need to figure out how to handle this largeBlob business. Thank you for following up about the counter 🙏🏼
It appears that macbooks only return a 0
I was able to nail this down to a point where I can confirm that only 0 is ever returned. If you set the initial counter to -1 as the documentation describes then you will only get a valid auth one time. The live demo on the site is also failing in the same way.
Can the counter be set as optional as it appears passkey expect no counter at all? I'm still reading into this