Web Authentication - Support Opting-in to Direct Attestations on Android
Categories
(Fenix :: WebAuthn, enhancement, P3)
Tracking
(Not tracked)
People
(Reporter: jcj, Unassigned)
References
Details
We don't have a UI mechanism on Android presently to present a prompt like Bug 1430150, which means we don't support permitting the user to anonymize the attestations. We should find some mechanism to support that, even if it's a preference as a temporary measure.
|
Reporter | |
Updated•5 years ago
|
|
|
Reporter | |
Comment 1•5 years ago
|
||
Update: In Bug 1551229 we chose to always assume anonymity, declining to provide Direct Attestation ability to users. So this would be to present a UI to solicit whether to permit Direct Attestations. Desktop has such a UI already.
|
||
Comment 2•3 years ago
•
|
||
This is something we can do Android Components/Fenix if we can figure out the UX of how we want this to work. Similar to the other permission prompts, I imagine?
|
|
||
Updated•3 years ago
|
|
|
||
Comment 3•3 years ago
|
||
(In reply to Jonathan Almeida [:jonalmeida] from comment #2)
This is something we can do Android Components/Fenix if we can figure out the UX of how we want this to work. Similar to the other permission prompts, I imagine?
Permissions have moved to be internal to GeckoView, so maybe we can better handle this from there?
|
||
Updated•2 years ago
|
|
||
Updated•1 year ago
|
|
||
Comment 6•3 months ago
|
||
Hi, I work in a company that provides an e-id product using webauthn, but because of regulatory requirements we require a direct attestation upon credential creation, meaning we will error for our glorious Fenix users, and have to ask them politely to install Chrome instead. As an life-long Firefox supporter this pains me to have to do. The product has over 20% adoption in Norway, and this is likely to keep increasing. Please consider re-prioritizing supporting direct attestations.
Description
•