October 13, 2021
I’ve defined an Authentication Method Reference (AMR) value called “pop†to indicate that Proof-of-possession of a key was performed. Unlike the existing “hwk†(hardware key) and “swk†(software key) methods, it is intentionally unspecified whether the proof-of-possession key is hardware-secured or software-secured. Among other use cases, this AMR method is applicable whenever a WebAuthn or FIDO authenticator are used.
The specification is available at these locations:
- https://openid.net/specs/openid-connect-eap-acr-values-1_0-01.html
- https://openid.net/specs/openid-connect-eap-acr-values-1_0.html
Thanks to Christiaan Brand for suggesting this.
No Comments » Posted under FIDO & OpenID & Phishing Resistance & Specifications & W3C
Leave a Reply
You must be logged in to post a comment.
