Hacker News
by gre345t34 608 days ago
If you got tricked into logging into goggle.com or something, the FIDO2 auth would fail because a) the URL would not match the credential metadata and b) the resulting assertion, a signature over data which includes the URL, would not be valid (google.com would not accept it).
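The relying-party side of the two checks described in the comment above, as an added example that is not part of the original comment: it validates the origin in `clientDataJSON` and the `rpIdHash` in the authenticator data, and builds the byte string the signature covers. Function names, the challenge and the counter are constructed; verifying the signature over `signed_bytes()` with the registered public key is assumed to happen in a crypto library and is not implemented here.

```python
import base64, hashlib, json, struct

RP_ID = "google.com"                   # RP ID the credential was registered for
EXPECTED_ORIGIN = "https://google.com"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_assertion(origin: str, rp_id: str, challenge: bytes):
    """Constructed stand-in for browser + authenticator output (no real signature)."""
    client_data = json.dumps({"type": "webauthn.get",
                              "challenge": b64url(challenge),
                              "origin": origin}).encode()
    # authenticatorData layout: rpIdHash (32) | flags (1) | signCount (4)
    auth_data = hashlib.sha256(rp_id.encode()).digest() + struct.pack(">BI", 0x01, 7)
    return client_data, auth_data

def signed_bytes(client_data: bytes, auth_data: bytes) -> bytes:
    """What the authenticator signs: authenticatorData || SHA-256(clientDataJSON)."""
    return auth_data + hashlib.sha256(client_data).digest()

def check_assertion(client_data: bytes, auth_data: bytes, challenge: bytes) -> list:
    """Return the names of failed checks; an empty list means bound to this site."""
    errors = []
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get":
        errors.append("type")
    if cd.get("challenge") != b64url(challenge):
        errors.append("challenge")
    if cd.get("origin") != EXPECTED_ORIGIN:        # browser-reported page origin
        errors.append("origin")
    if len(auth_data) < 37:
        return errors + ["authData length"]
    rp_id_hash, flags, _count = struct.unpack(">32sBI", auth_data[:37])
    if rp_id_hash != hashlib.sha256(RP_ID.encode()).digest():
        errors.append("rpIdHash")
    if not flags & 0x01:                           # UP (user present) bit
        errors.append("user presence")
    return errors

if __name__ == "__main__":
    ch = b"constructed-challenge"
    print(check_assertion(*make_assertion("https://google.com", "google.com", ch), ch))
    print(check_assertion(*make_assertion("https://goggle.com", "goggle.com", ch), ch))
```

Because the origin and RP ID hash are inside the signed bytes, an assertion produced on the lookalike origin cannot be edited to pass these checks without invalidating its signature.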