Closed infinisil closed 3 years ago
We took a good look at libfido2, to investigate its suitability for use by a Relying Party server. We conclude that it’s not suited for a number of reasons:
fido_cred
, fido_assert
and possibly fido_cbor
)android-key
, android-safetynet
and apple
, used on mobile platforms, and there doesn’t seem to be any effort to implement these .Most of these issues could be worked around at the cost of added complexity to the library. At some point, however, the added complexity outweighs the benefits of using an established library.
Motivation from #4