Jump to content

Talk:WebAuthn

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Excessively amalgamated "such as"

[edit]

WebAuthn is designed so that it can work with a range of public-key authenticator mechanisms, from pure software implementations to those using specialized hardware environments, such as a processor's trusted execution environment, a Trusted Platform Module, or an external hardware token accessed via USB, Bluetooth Low Energy, or near-field communications (NFC).

The "such as" list does not adequately declare itself on the range from "pure software" to "specialized hardware".

Expects can probably puzzle this out in 15 s. That is not the target audience for the lead passage. — MaxEnt 14:34, 10 September 2018 (UTC)[reply]

I think you are right, this is not as easily readable as it should be. I'm going to re-phrase this. --Karol Babioch (talk) 18:36, 9 October 2018 (UTC)[reply]
I finally managed to re-phrase the whole introduction. Hopefully it is better understandable now. Let me know what you think of it. --Karol Babioch (talk) 20:28, 11 October 2018 (UTC)[reply]

Avoid long summaries

[edit]

Title says it all. For details, see: WP:SUMMARYNO. Thanks. Tom Scavo (talk) 13:37, 6 March 2019 (UTC)[reply]

Overview added

[edit]

The article is under construction. A number of round trips are required. Thanks for your patience. Tom Scavo (talk) 15:26, 6 March 2019 (UTC)[reply]

Basic content added. It would be nice if the terms linked to the W3C WebAuthn glossary but I don't know how to do that. May have to link to the glossary itself (and let the reader navigate further). Tom Scavo (talk) 16:18, 6 March 2019 (UTC)[reply]
Okay, I've reached a stopping point (have at it). A few notes:
  1. Please don't link to the Authenticator topic (since it's a mess). I'm working on a complete rewrite of the Authenticator topic but this will take awhile.
  2. Concrete examples of software authenticator and platform authenticator are needed. Web citations are required in each case.
  3. If you know of an authoritative citation that justifies the last paragraph in the WebAuthn#Overview section, please add it. Published articles only, please. We don't want to start a flame war :-) Tom Scavo (talk) 16:29, 6 March 2019 (UTC)[reply]
Somebody needs to add a simplified description showing how a computer user who doesn't understand the workings of this would use this. As it is, anybody who doesn't already understand what's going on would be completely lost in all the jargon. This wouldn't have to explain how it works, just what a layman trying to use it would do and see. Put that first, and the current detailed explanation second and those who don't need or want the gory details won't have to wade through them. JDZeff (talk) 19:51, 19 December 2024 (UTC)[reply]

Biometrics

[edit]

I believe the last paragraph is accurate. I was tempted to write "users are uniformly apprehensive of biometrics" (or something like that) but that would be even more contentious, I know. Clearly the last paragraph needs at least one authoritative citation (see above). Tom Scavo (talk) 18:11, 6 March 2019 (UTC)[reply]

I added a couple of citations re biometrics (both from Duo Security) but I still think a published reference is needed. Surely someone has already done this research. Tom Scavo (talk) 17:02, 8 March 2019 (UTC)[reply]

Support

[edit]

IMO, the WebAuthn#Support section should cover browsers and relying parties only, no authenticators. Alternatively, the latter could be listed on the forthcoming Draft:Authenticator page instead. I added a table to that page along with a bit of content to illustrate. Comments? Tom Scavo (talk) 17:31, 8 March 2019 (UTC)[reply]