• The Web Authentication Working Group has published Web Authentication: An API for accessing Public Key Credentials Level 3 as a W3C Candidate Recommendation Snapshot. • This specification defines an API enabling the creation and use of strong, attested, scoped , public key-based credentials by web applications , for the purpose of strongly authenticating users. • Conceptually, one or more public key credentials , each scoped to a given WebAuthn Relying Party , are created by and bound to authenticators as requested by the web application. • The user agent mediates access to authenticators and their public key credentials in order to preserve user privacy. • Authenticators are responsible for ensuring that no operation is performed without user consent . • Authenticators provide cryptographic proof of their properties to Relying Parties via attestation .
Article Summaries:
- The Web Authentication Working Group has published Web Authentication: An API for accessing Public Key Credentials Level 3 as a W3C Candidate Recommendation Snapshot. This specification defines an API enabling the creation and use of strong, attested, scoped , public key-based credentials by web applications , for the purpose of strongly authenticating users. Conceptually, one or more public key credentials , each scoped to a given WebAuthn Relying Party , are created by and bound to authenticators as requested by the web application. The user agent mediates access to authenticators and their
Sources: