Standards
Standards

Understand the various specifications, their maturity levels on the web standards track, and their adoption.
Explore web standards
Groups
Groups

A variety of groups develop Web Standards, guidelines, or supporting materials.
About W3C groups
Get involved
Get involved

W3C works at the nexus of core technology, industry needs, and societal needs.
Find ways to get involved
Resources
Resources

Master Web fundamentals, use our developer tools, or contribute code.
Learn from W3C resources
News and events
News and events

Recent content across news, blogs, press releases, media; upcoming events.
Follow news and events
About
About

Understand our values and principles, learn our history, look into our policies, meet our people.
Find out more about us
Search
My account

Call for Review: Web Authentication: An API for accessing Public Key Credentials Level 2 is a W3C Proposed Recommendation

Author(s) and publish date

Published:: 25 February 2021

The Web Authentication Working Group has published a Proposed Recommendation of Web Authentication: An API for accessing Public Key Credentials Level 2. This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. This is Web Authentication Level 2. Substantive changes since Level 1 are:

Added new method to allow Discoverable/Resident Credentials Preferred
New methods added for Attestation Objects
Added Attestation types (Enterprise, Apple)
Added Large Blob storage and credential properties

Explanatory materials and implementation considerations have been updated as well.

Comments are welcome through 26 March 2021.

Related RSS feed

Subscribe to our news feed