On Friday, December 2, 2016 at 10:27:30 PM UTC+1, JC Jones wrote: > Anders, > > The first target I'm working on is Desktop, though I've plans in 2017 to > support WebAuthn on Android and iOS [1], too. WebAuthn already has > definitions suitable for Android's Key Attestation [2] and SafetyNet > formats [3], so they'll need implementations that tie into the > dom::WebAuthentication class.
That's great news! Regards, Anders > > Cheers, > J.C. > > [1] https://wiki.mozilla.org/Security/CryptoEngineering#Web_Authentication > [2] https://w3c.github.io/webauthn/#android-key-attestation > [3] https://w3c.github.io/webauthn/#android-safetynet-attestation > > On Wed, Nov 30, 2016 at 10:54 PM, Anders Rundgren < > [email protected]> wrote: > > > On Wednesday, November 30, 2016 at 5:42:30 PM UTC+1, Anders Rundgren wrote: > > > It is a pity that external tokens have become the > > > focus when the majority will rather rely on embedded > > > security solutions which nowadays is a standard feature > > > in Android and Windows platforms. > > > > Slight clarification to the above: The IoT folks pretty much build 100% on > > embedded security with car-keys as an obvious exception. > > > > On mobile I would say that over 99% of all existing security solutions > > based on cryptographic keys are relying on embedded (or "App level") keys > > with Apple Pay as the most advanced example. > > > > That is, the token vendors and security folks do not represent the actual > > market comprising of end-users and service providers. > > > > Maybe this is a project primarily targeting the desktop? > > _______________________________________________ > > dev-platform mailing list > > [email protected] > > https://lists.mozilla.org/listinfo/dev-platform > > _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
