FIDO2-certified passkey server and SDKs for adding passkey support to any auth system
GNU Affero General Public License v3.0
115
stars
8
forks
source link
Use attestation=direct to get correct AAGUIDs on all platforms #50
Closed
FlxMgdnz closed 4 months ago
Windows currently sets the AAGUID of any authenticator (platform and hybrid) to all zeros when using attestation=none.
Enforcing authenticator attestation on registration will change that and ensure correct AAGUIDs are being included for better passkey naming.
Another benefit is that we can then also use AAGUIDs of different security key vendors to improve the name proposals for hardware security keys even more (see https://passkeydeveloper.github.io/passkey-authenticator-aaguids/explorer/?combined)