The point of the video was that when using the device as the authenticator, attestation reveals details of the phone (such as the unique private key used to prove the phone is valid to a manufacturer). The anonymous…
That's precisely what the attestation section of the talk describes. This is all part of the WebAuthentication standard.
This is, of course, an active thread of discussion in the WebAuthentication working group.
Correct. The key material is stored in the Secure Enclave.
Yes there is. The video covers this clearly.
You should pay special attention to the section about attestation, which is not something that is done in a privacy-focused way without an anonymous attestation authority (which is part of the iOS 14 feature)
The point of the video was that when using the device as the authenticator, attestation reveals details of the phone (such as the unique private key used to prove the phone is valid to a manufacturer). The anonymous…
That's precisely what the attestation section of the talk describes. This is all part of the WebAuthentication standard.
This is, of course, an active thread of discussion in the WebAuthentication working group.
Correct. The key material is stored in the Secure Enclave.
Yes there is. The video covers this clearly.
You should pay special attention to the section about attestation, which is not something that is done in a privacy-focused way without an anonymous attestation authority (which is part of the iOS 14 feature)