A couple of comments... * My one big comment was already taken care of in the latest draft. That being removing reference to FIDO as NIST didn't want to limit it to FIDO syncable passkeys only should another version be "born" outside of FIDO. * The term "passkeys" should not be capitalized. * The text reads, "the use of any variant of Passkey".... While the 800-63B supplement is specific to syncable authenticators (syncable passkeys), the current text in the notice "any variant" implies it applies to both syncable and device-bound passkeys. If that is the case, we should clearly state that. If it is only applicable to syncable authenticators then we should clearly state that. Regards, Mike Michael Magrath (he/him) | Director of Identity Policy and Industry Relations | Easy Dynamics Corp<http://www.easydynamics.com/> mmagrath@easydynamics.com<mailto:mmagrath@easydynamics.com> | 703-944-1090 ________________________________ From: Richard G. WILSHER (@Zygma Inc.) <RGW@Zygma.biz> Sent: Thursday, November 21, 2024 10:47 AM To: IA WG <wg-idassurance@kantarainitiative.org> Subject: [WG-IDAssurance] Proposed Passkey notice criteria I believe that the list of criteria which should be referenced in the proposed notice are as follows: 63B# - 0410, 0420,0430, 0440, 0450, 0460, 1150, 1160, 1210, 1220, 1230, 1240, 1270, 1280, 1290, 1300, 1310, 1320, 1330, 1450, 1460, 1470, 1480, 1490, 1500, 1510, 1520, 1530, 1540, 1550 These have been previously brought to the IAWG’s attention when we were meddling with the actual text of some of these. Richard G. WILSHER CEO & Founder, Zygma Inc. www.Zygma.biz +1 714 797 9942