Allow metadata to be attached to registrations retroactively
Description
Metadata about the authenticator is attached to credential registrations at the point of registration. So if you register a credential and then turn on metadata support, previous registrations will not have their authenticator metadata attached. We should look into attaching metadata about the authenticator that created the credential retroactively.
Environment
None
Activity
Philip Smart
September 11, 2024 at 3:10 PM
I removed the authenticator metadata field from the credential storage record. Therefore, we no longer store the metadata entry, only the AAGUID, which links to its metadata entry in the FIDO metadata service.
If the metadata service is configured, metadata is attached to the credential at runtime. It can then be used in the usual ways (to make trust decisions and to improve the UI).
This means we don't have to read and write credential registrations when the metadata changes, or when metadata needs to be added retroactively.
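The design described in the comment above, as an added sketch that is not the project's own code: the stored record carries only the AAGUID, and metadata is resolved from an index at read time. `StoredCredential`, `ResolvedCredential`, `index_by_aaguid`, `resolve` and the sample payload are hypothetical names and constructed data; the payload is shaped like a decoded FIDO MDS BLOB (`entries`, `aaguid`, `metadataStatement`, `statusReports`), and treating any compromise or revocation status as untrusted is an assumed policy.

```python
import uuid
from dataclasses import dataclass
from typing import Optional

# Constructed sample shaped like a decoded FIDO MDS BLOB payload (not real data).
SAMPLE_MDS_PAYLOAD = {"entries": [
    {"aaguid": "11111111-2222-3333-4444-555555555555",
     "metadataStatement": {"description": "Example Key A"},
     "statusReports": [{"status": "FIDO_CERTIFIED_L1", "effectiveDate": "2023-01-10"}]},
    {"aaguid": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
     "metadataStatement": {"description": "Example Key B"},
     "statusReports": [{"status": "FIDO_CERTIFIED", "effectiveDate": "2022-05-01"},
                       {"status": "REVOKED", "effectiveDate": "2024-06-01"}]},
]}

# Assumed policy: any of these MDS statuses in the history fails the trust decision.
UNTRUSTED = {"REVOKED", "USER_VERIFICATION_BYPASS", "ATTESTATION_KEY_COMPROMISE",
             "USER_KEY_REMOTE_COMPROMISE", "USER_KEY_PHYSICAL_COMPROMISE"}

@dataclass(frozen=True)
class StoredCredential:       # hypothetical storage record: AAGUID only, no metadata
    credential_id: str
    aaguid: bytes             # 16 raw bytes, as carried in the authenticator data

@dataclass(frozen=True)
class ResolvedCredential:     # runtime view, never written back to storage
    credential_id: str
    description: Optional[str]
    trusted: Optional[bool]   # None means no metadata was available

def index_by_aaguid(payload):
    """Index entries by canonical AAGUID string, skipping entries that have none."""
    return {str(uuid.UUID(e["aaguid"])): e
            for e in payload.get("entries", []) if e.get("aaguid")}

def resolve(cred, index):
    """Attach metadata at read time; index is None when no metadata service is configured."""
    entry = (index or {}).get(str(uuid.UUID(bytes=cred.aaguid)))
    if entry is None:         # service off, or AAGUID unknown (e.g. all zeros)
        return ResolvedCredential(cred.credential_id, None, None)
    statuses = {r.get("status") for r in entry.get("statusReports", [])}
    return ResolvedCredential(cred.credential_id,
                              entry.get("metadataStatement", {}).get("description"),
                              statuses.isdisjoint(UNTRUSTED))
```

A credential stored before the metadata service was enabled resolves with metadata as soon as an index is supplied, and a later status change in the metadata takes effect without touching the stored record.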