[Webkit-unassigned] [Bug 208357] New: [WebAuthn] FIDO Credentials registered with Firefox on Mac not usable in Safari

Thu Feb 27 17:09:26 PST 2020

https://bugs.webkit.org/show_bug.cgi?id=208357

            Bug ID: 208357
           Summary: [WebAuthn] FIDO Credentials registered with Firefox on
                    Mac not usable in Safari
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sweeden at au1.ibm.com

I used Firefox (v74) on Mac to register a FIDO credential with WebAuthn using a couple of different popular USB authenticators (Yubikey 5 and an eWBM GoldenGate). I understand Firefox is probably using CTAP1, and if I use attestation I noticed that a fido-u2f attestation format is returned. Regardless, a public key credential is provided and saved against the user account.

Later, using either generally available Safari 13.0.5 or Safari Tech Preview Release 101, when I try to use this credential in an allowCredentials list to perform an assertion flow, Safari reports in a dialog: "Found no credentials on this device" and I am unable to complete assertion. Both the original FF browser, and Chrome on the same Mac are able to use the credential to complete assertion.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200228/8f11d454/attachment.htm>