You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 7, 2023. It is now read-only.
Chrome and Firefox now use the Windows web authentication API on Windows 10 build 1903 rather than talking to U2F devices directly. This allows the user to use platform keys (e.g Windows Hello), CTAP2 or U2F keys.
This causes funny behavior when using Krypton. The requests are received by the app but Windows simultaneously shows a dialog prompting the user to insert their key or enter their pin which stays open even after the user has accepted the prompt on the app. The web authentication api is unaware of krypton intercepting the requests.
This could be solved if krypton acted as a CTAP2 credential provider rather than a browser extension that intercepts the U2F requests.
The text was updated successfully, but these errors were encountered:
In Firefox 69.0.1 on Win10 build 1903 (18362.356) it's even worse - Windows API is called in blocking mode so no JS code, including plugins can intercept request. Sadly this breaks Firefox plugin entirely.
I am rebinding my keys right now on a new phone and this is causing me a lot of problems.. Seems the KR browser extension needs to be re-architected for this, or make a windows side thing that runs on windows and handles the integration.
Chrome and Firefox now use the Windows web authentication API on Windows 10 build 1903 rather than talking to U2F devices directly. This allows the user to use platform keys (e.g Windows Hello), CTAP2 or U2F keys.
This causes funny behavior when using Krypton. The requests are received by the app but Windows simultaneously shows a dialog prompting the user to insert their key or enter their pin which stays open even after the user has accepted the prompt on the app. The web authentication api is unaware of krypton intercepting the requests.
This could be solved if krypton acted as a CTAP2 credential provider rather than a browser extension that intercepts the U2F requests.
The text was updated successfully, but these errors were encountered: