|
|
|
|
|
|
by coldpie
409 days ago
|
|
|
I think all they need to do is remove attestation from the spec, or at least put very strong language around it that it should only be used for extremely secure environments where the data is not considered to be owned by the user, for example an account at your job. For end-user software, where they're currently promoting Passkeys, attestation is unacceptable. But, their behavior on the bug trackers indicates they don't even seem interested in having the conversation. |
|
|