CA SSO support for FIDO2 WebAuthN

Idea created by JMCColorado on Aug 7, 2018
    Under review
    Score8
    • Makesh.T
    • Kaladhar.Brahmanapally
    • MortenHallstrom
    • JMCColorado
    • CBertagnolli
    • Mithrandir
    • margi11
    • yoshio.katayama

    CA has an opportunity to innovate by developing a FIDO2 WebAuthN authentication scheme for CA SSO.

     

    This new spec is being built into all major browsers, and it will allow a user to use any available FIDO2 token or biometric as a second factor during authentication.

     

    Web Authentication: An API for accessing Public Key Credentials Level 1 

     

    This provides phishing resistance which passwords cannot.

     

    CA should get out in front of the curve and begin development on supporting this emerging standard.