← Back to release summary

WebAuthn getPublicKey[Algorithm]() and getAuthenticatorData()

Category

Security

Type

New or changed feature

Status

Enabled by default (Chrome 85)

Intent stage

Shipped

Summary

Adds two accessors from the Web Authentication Level 2 spec that save sites from parsing Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE) in order to use security keys.

Motivation

CBOR and COSE are somewhat obscure at this time and there's no need for most sites to have to worry about them as the browser is capable of translating them into more standard formats.

Standards & signals

• Specification: https://w3c.github.io/webauthn/#sctn-public-key-easy
• Firefox: Positive — (J.C. reviewed spec PR.)
• Safari: No signal
• Web developers: No signals
• Tracking bug: https://bugs.chromium.org/p/chromium/issues/detail?id=1083301

Docs: https://w3c.github.io/webauthn/#sctn-public-key-easy

Explainers: https://w3c.github.io/webauthn/#sctn-public-key-easy

View on chromestatus.com