WebAuthn PRF extension

The PRF extension to WebAuthn allows a hash message authentication code (HMAC), stored on the security key, to be evaluated when getting a credential. This can be used to derive secret keys used to encrypt user data.

Documentation

Specification

Editor's draft

Status in Chromium

Blink>WebAuthentication


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • Positive
  • No signal
  • No signals

Owner

Intent to Prototype url

Intent to Prototype thread

Search tags

webauthn, prf, hmac,

Last updated on 2020-10-25