Are public keys stored in the browsers in macos 11.4 and in iOS 14
Question
I have tested https://webauthn.io/ on my mac and iphone. On iPhone I could register with Chrome and sign in with Safari but on macos I had to register separately on Chrome and Safari.
I wonder where the public keys are stored and why the behavior is different on macos and ios?
1 answers
solution1
2 ACCPTED 2021-06-14 13:28:48
Up through macOS Big Sur WebAuthn credentials are indeed siloed to individual browsers. In practical terms this means a Touch ID credential registered in Safari cannot be used when authenticating in Chrome, nor a Chrome one in Edge (Chromium). Touch ID must be registered per browser, and a credential ID is only valid for the browser it was registered in.
As you noted iOS gained an OS-level credential store in 14.5 (if I remember correctly), similar to Windows Hello. This had the added benefit of allowing WebAuthn to be used in all browser apps, not just Safari.app, and Touch ID only needed to be registered once for authentication in any browser app.
I'll end this by saying that the upcoming preview of Apple's iCloud Keychain-backed “passkeys” appears to offer a Windows Hello-esque OS-level credential store in macOS Monterey that is sorely needed:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.