Passkeys Developer Resources
Is using NFC device with a smartphone via CaBLE ("hybrid") possible? #13
Unanswered
junderw
asked this question in
Passkeys on the Web Q&A
Replies: 1 comment
-
|
If you have a passkey on a security key, you can connect that security key directly to the client. Implementations of FIDO Cross-Device Authentication will only offer up passkeys from local passkey providers. It really isn't related to the protocol, it just isn't a use case that has come up in the ecosystem. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I was thinking:
The whole use case of CaBLE hybrid was to allow me, a 3rd party to scan ie. a friend's PC and authenticate with his machine without needing to interact directly with his PC except through a very specific protocol (CTAP) in the BLE tunnel...
But if, in that situation, I suddenly say "hey, actually my creds are on this weird USB+NFC key thingy let me plug it into your USB I totally swear it's not a virus!"
Currently it seems like if you try to authenticate using hybrid BLE, the phone will only offer up platform passkeys and won't give you any options to tap NFC or insert a USB-C into your phone or something.
My question:
Is this a limitation or the spec, or is it an implementation detail that all the vendors agreed on as "too complicated" etc.?
If it's a limitation of the spec, what are your thoughts on modifying the spec to allow for hybrid BLE connected authenticators (smartphones) to essentially "proxy" the NFC/USB device authenticators?
Beta Was this translation helpful? Give feedback.
All reactions