1529973 - Make the WebAuthn Soft Token a Real Thing (sync, FIDO2, platform DAR, UI)

Status: NEW

(Core :: DOM: Web Authentication, enhancement, P5)

Description

[J.C. Jones [:jcj] (he/they)]

Firefox has a U2F soft token implemented, mostly for testing, that also happens to work just fine for WebAuthn flows. The functional problem with turning it on is, without an UI, it always acts immediately, preempting any other WebAuthn/U2F authenticators available or attached. This bug would be a meta-bug to make the soft token a Real Thing by fixing the functional issue, and also improving the security and properties of it:

1. The user should have to confirm use of the soft token
2. The user should be able to, without changing a pref, use a different security key
3. The soft token might sync its key material and its counter state via Sync
4. The soft token might store its key material using the platform data-at-rest support (https://searchfox.org/mozilla-central/source/security/manager/ssl/OSKeyStore.h)
5. The soft token might support FIDO2 attestation modes for WebAuthn, even if it cannot be accredited

Comment 2

[Markus Schraeder]

@jcj: You removed the blocking of bug #1315460 by closing bug #1481890 !

Comment 3

[Glyphos]

Wow, this is 5 years old? I think the priority is extremely low for such a crucial feature

• passwords are a bad design for any network protocol. they are akin to sending a secret key over the wire
• webauthn is mature, and a push to end passwords is starting even outside of open source circles
• if we dont take the lead in going password free, a privacy violating version led by google could take root
• most people will not buy a hardware token and lug it around
• Phones have built in softtoken support, but desktop web browsers are sadly lacking

Firefox could easily support storing private keys in the desktop password store. The only changes to it should be a slightly
higher minimum bar for the password store, to make it suitable to store strong private keys

1. the user must have an encrypted password vault with a password, but
2. the user should not be able choose a password themselves
3. firefox will generate the password as lowercase words with sufficient entropy (such as 66+ bits using a known spec like bip39)
4. With sufficient vault root entropy (128 bits plus), stored webauthn secrets could take near zero storage (KDF derivation)
5. strong EC algorithms like ed25519 should be prioritized of course, not p256

Of course, this should also work with external plugins like keepassx, and should not prevent normal hardware tokens from working. Attestation, if any is supported could be self signed or faked, in such a way to as to not compromise user privacy

The goal of any web security person should be to banish passwords from the web, and to avoid the parts of the webauthn spec which could be
used to uniquely identify the user.

Comment 4

[Ralf Jung]

This would be amazing! Currently it seems like the only way to use login credentials that are safe against replay attacks and are bound to a particular domain (making phishing basically impossible) is to buy a hardware token, which means only a small minority of users is able to benefit from this. Would be great if this could be done entirely in software. :)