|
|
|
|
|
|
by aseipp
995 days ago
|
|
|
I can't read anyone's mind. I assume it's simply because passkeys can be used outside the browser, in theory for arbitrary applications, and like every standard, it tries to satisfy a large set of users, there are tradeoffs, and some might want attestation. It's just that browsers and password managers are two use cases of the standard that don't want it, because it largely eliminates one of their major selling points, which is that they're synchronized like a password is today, so there's a clear UX flow/user upgrade path. |
|
|