Closed ErinvanderVeen closed 2 years ago
I think the readme structure would be good like this:
Hmm it's a shame that we ended up with two implementations of webauthn in parallel around the same time. Is there an intention to merge the https://hackage.haskell.org/package/webauthn project and this one?
Ah it actually seems to be quite a bit older but just got a lot of recent development. I didn't spot it when I started this library
Oh yeah, we were actually in contact with @fumieval from https://github.com/fumieval/webauthn as well, indicating that we'd be working on an updated implementation. So I'm surprised that they starting working on their implementation as well without mentioning it to us. I'd love to unify all of https://github.com/arianvp/haskell-fido2, https://github.com/tweag/haskell-fido2 and https://github.com/fumieval/webauthn into a single library, to be put in https://hackage.haskell.org/package/webauthn.
@fumieval Perhaps we haven't informed you well enough of our efforts, but we've been working on this library here for some months now and we think it's near production-readiness! What are your thoughts?
A name that contains "WebAuthn" is more accurate because this library does not deal with CTAP, the aspect of FIDO2 about connecting client and authenticator. It may also make it easier to discover the library on Hackage. I don't have an opinion about it being exactly "webauthn" or something like "webauthn-suffix".
Also, it is more straightforward to have the same name for the project and the git repository. Once a new name is confirmed, it's worth renaming a repository too. When I first started using this library, I added a bad dependency haskell-fido2 instead of fido2.
I didn't know that you've added supports to other attestation formats. Since there are a lot more people working on this package, I'm happy to hand over the webauthn name.
@fumieval We are still working on adding TPM and AndroidSafetyNet attestation. It is nice to hear that we can use the webauthn name for the package, thank you. We will contact you again whenever we reach that point.
@ErinvanderVeen Great. Once the time is ripe, let me know your Hackage user names and I can add you to the uploaders at any point
@fumieval Awesome thanks! Also feel free to let us know if you see anything in our implementation that you'd like to see changed/improved.
This MR contains several changes as listed:
webauthn
libary, I propose discussing this with the maintainer of the existing library.