Bug 242204

Summary: [WebAuthn] support large blob storage extension
Product: WebKit Reporter: tarrence
Component: WebKit Misc.Assignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: alibellows, bfulgham, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Description tarrence 2022-06-30 14:13:30 PDT 
Support for large blob storage (https://w3c.github.io/webauthn/#sctn-large-blob-extension) is landing in chrome soon. It supports storage of opaque blobs alongside the users credentials. This would enable a lot of new use cases, for example, storing a private key for encryption and supporting fully user custodial applications.
Comment 1 Radar WebKit Bug Importer 2022-06-30 16:53:35 PDT 
<rdar://problem/96255388>
Comment 2 alibellows 2023-05-19 19:42:01 PDT 
Hi, currently this may be a dupe of [bug #252789](https://bugs.webkit.org/show_bug.cgi?id=252789) but I'd like to track status for support in platform authenticators and figure we could do that here.  (I can split into a new bug if not)

After [PR #9891](https://github.com/WebKit/WebKit/pull/9891) I thought my Macbook Pro M1 platform authenticator (with Safari Preview Release 170 on MacOS Ventura) might support largeBlob, but it seems I was mistaken.  I.e., clientExtensionResults in the assertionResponse is always empty, despite my providing extensions input including `largeBlob`.  Note the same setup works correctly (clientExtensionResults is nonempty and gives the expected values) if I use an emulated authenticator with Chrome devtools, but not my actual platform authenticator.

Are Apple, etc planning to support large blob on platform authenticators?  If so, can we track related work here? 

Thank you!