Giters

teamhanko / hanko

Authentication and user management for the passkey era.

Home Page:https://hanko.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Use attestation=direct to get AAGUIDs on all platforms

FlxMgdnz opened this issue · comments

commented

Checklist

  • I could not find a solution in the existing issues or docs.
  • I agree to follow this project's Code of Conduct.

Description

Windows currently sets the AAGUID of any authenticator (platform and hybrid) to all zeros when using attestation=none.

Enforcing authenticator attestation on registration will change that and ensure correct AAGUIDs are being included for better passkey naming.

Another benefit is that we can then also use AAGUIDs of different security key vendors to improve the name proposals for hardware security keys even more (see https://passkeydeveloper.github.io/passkey-authenticator-aaguids/explorer/?combined)

Describe your ideal solution

No response

Workarounds or alternatives

No response

Hanko Version

v0.10

Additional Context

No response

commented

Do you also want to change already existing projects or only new ones?