As part of the WebAuthn create() call, an authenticator will create a new keypair as well as an attestationObject for that keypair. The attestationObject contains the new public key, as well as signature over the entire attestationObject with a private key that is stored in the authenticator when it is manufactured. The public key that corresponds to the private key that has created the attestation signature is well known; however, there are various well known attestation public key chains for different ecosystems (for example, Android or TPM attestations).
|Web Authentication Level 1||Working Draft||Initial definition.|
We're converting our compatibility data into a machine-readable JSON format. This compatibility table still uses the old format, because we haven't yet converted the data it contains. Find out how you can help!
|Feature||Chrome||Firefox (Gecko)||Internet Explorer||Opera||Safari (WebKit)|
|Basic support||Nightly build||Nightly build||No support||No support||No support|
|Feature||Android Webview||Chrome for Android||Firefox Mobile (Gecko)||Firefox OS||IE Phone||Opera Mobile||Safari Mobile|
|Basic support||No support||Nightly build||No support||No support||No support||No support||No support|