Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>except for MDM devices where the MDM profile can allow attestation for RP domains on an opt-in basis.

And even then, the attestation you get in that scenario is just an attestation that the passkey was created on a managed device. It is not a hardware/device attestation.



But only Apple devices can be managed, and presumably that’s in turn attested to by Apple cryptographic keys in hardware?




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: