Use attestation=direct to get AAGUIDs on all platforms
FlxMgdnz opened this issue · 1 comments
FlxMgdnz commented
Checklist
- I could not find a solution in the existing issues or docs.
- I agree to follow this project's Code of Conduct.
Description
Windows currently sets the AAGUID of any authenticator (platform and hybrid) to all zeros when using attestation=none.
Enforcing authenticator attestation on registration will change that and ensure correct AAGUIDs are being included for better passkey naming.
Another benefit is that we can then also use AAGUIDs of different security key vendors to improve the name proposals for hardware security keys even more (see https://passkeydeveloper.github.io/passkey-authenticator-aaguids/explorer/?combined)
Describe your ideal solution
No response
Workarounds or alternatives
No response
Hanko Version
v0.10
Additional Context
No response
shentschel commented
Do you also want to change already existing projects or only new ones?