PassKey implementation is not compliant with WebAuthn standard

https://www.w3.org/TR/webauthn-2/#sctn-user-handle-privacy
Since the user handle is not considered personally identifying information in § 14.4.2 Privacy of personally identifying information Stored in Authenticators, the Relying Party MUST NOT include personally identifying information, e.g., e-mail addresses or usernames, in the user handle. This includes hash values of personally identifying information, unless the hash function is salted with...
Click to expand...

Read more

Читать далее...
 
Активность
Пока что здесь никого нет
Назад
Верх Низ