Versions Compared

Old Version 2

changes.mady.by.user Branko Marovic

Saved on

compared with

New Version 3

changes.mady.by.user Branko Marovic

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

These are exemplary paths. You need to screenshot the only passkey-relates relateD options. Please paste screenshots in or outside this table as suitable:

...

  • Click the "+" button to create a passkey. Choose the following values:
    • RP Info: This domain
    • User Info: Bob
    • Attachment: Undefined
    • Require Resident Key: True
    • Resident Key (L2): Required

...

Seq1

In Chrome

After switching to Fingerprint

Second time



Seq2 (just new screens)

On Use ES***, Use EdDSA

After Cancel





Seq3 (just new screens)

Chrome on timeout of the creation form






Seq4 (just new screens)

Place one row after each?







Test User Verification

  • Select User Verification: Discouraged and click CREATE.
  • Follow the requested steps to create a passkey, then copy-paste the result from the web app.

...

  • Select User Verification: Required and click CREATE.
  • Follow the requested steps to create a passkey, then copy-paste the result from the web app.
  • Note that the latest result is the rightmost in the bottom row. You may delete already pasted results.
  • All authenticators should be able to register multiple passkeys for the same domain, so you do not need to delete the previously created one. Is this creation of multiple passkeys or an override of the old one?It is likely that the passkeys you create will override each other since they are for the same domain and use the same user name "bob@example.com").

Copy-paste the result on the right:
Put Unsupported if there was an error{50{

bob@example.com


Credential ID
05A81DBFA7330EFE5DF83B9DE49CC99EA56992DECF5508C870EB2696240A8F44

RP ID
webauthntest.identitystandards.io

AAGUID
00000000-0000-0000-0000-000000000000

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: none (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

  • If none of the previous four tries worked,:
    • Select Attestation: Undefined and click CREATE.
    • Follow the requested steps to create a passkey, then copy-paste the result from the web app.
  • Otherwise, skip this step???.

Copy-paste the result on the right:
Put Unsupported if there was an error{75{

bob@example.com


Credential ID
FBB5977FD49698A5EBDCEA347DBBE62C250EE96A95D83D79DCBEA9C2E6CA0462

RP ID
webauthntest.identitystandards.io

AAGUID
00000000-0000-0000-0000-000000000000

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: none (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

  • If Attestation: Direct worked, select it. Otherwise, if Attestation: Indirect worked, select it. What about None? OtherwiseOtherwise, select Attestation: Undefined.Should they say which they used?

Test CredProtect Extension

...

  • If none of the previous three tries worked,:
    • Select CredProtect Extension: Undefinedand click CREATE.
    • Follow the requested steps to create a passkey, then copy-paste the result from the web app.
  • Otherwise, skip this step???.

Copy-paste the result on the right:
Put Unsupported if there was an error{95{

bob@example.com


Credential ID
8071C004B5BBE4EC75DD463FAC3A03BD5E6E88F08E683116EF5A24B5E5338D47

RP ID
webauthntest.identitystandards.io

AAGUID
6028B017-B1D4-4C02-B4B3-AFCDAFC96BB2

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: packed (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

Do you have any additional observations or comments related to the entire procedure:{125{

The same as for Firefox, except for the extra first screen.

It would be interesting to try to select eg ES512 or EdDSA and also RS256 and see what a security keay would choose.

}}

  • Please , do not forget to paste any pending screenshots in the above tables.
  • You may also paste the screenshot with the passkey(s) created during this test. The list of created passkeys is usually shown along with platform or browser passkey options that you were already asked to screenshot.

Thank you!