Today I learned that the way the Google FIDO u2f polyfill is written means the API defined at https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#high-level-javascript-api … can't actually be shipped in non-Chrome browsers in that form because the polyfill will stomp on it with code that only works in Chrome.
-
Show this thread
-
Replying to @really_bz @bz_moz
Can Google rewrite its polyfill in a compatible way (and then wait for everyone to update every copy of the polyfill everywhere)? Or can the FIDO U2F API be moved to a namespace other than u2f?
4 replies 0 retweets 1 like -
U3F
3 replies 0 retweets 7 likes
The polyfill could be changed to not break things, sure. But that would not help us ship u2f in the here and now, and the long-term plan is for FIDO u2f to not exist and everyone use webauthn, yes?
11:11 AM - 23 May 2019
0 replies
0 retweets
4 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.