Merge pull request #587 from WillSmartYubico/2024-05-14-browser-suppo…

…rt-update

May 2024 browser support update

content/WebAuthn/WebAuthn_Browser_Support/index.adoc

@@ -8,7 +8,7 @@ WebAuthn support is not uniform across browsers. For services implementing WebAu
 [%header,cols="^.^,^.^" width=20]
 |===
 |Feature is supported | Feature is not supported
-a|image::group-4.png[] a|image::group-copy-5.png[]
+a|image::yes.png[] a|image::no.png[]
 |===
 
 ==== Features ====
@@ -23,61 +23,61 @@ a|image::group-4.png[] a|image::group-copy-5.png[]
 
 *link:https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-overview-v1.2-ps-20170411.html[CTAP 1 / U2F Legacy Support]* - The browser has legacy support for authenticators only supporting User Presence over U2F.
 
-=== Windows 11 22H2 ===
+=== Windows 11 23H2 ===
 
 [%header,cols="^.^,^.,^.,^.,^.,^."]
 |===
 2+|Browser |Resident Key / Discoverable Credential |User Verification (PIN / Biometric) |Passkeys on the YubiKey |CTAP 1 /
 U2F Legacy Support
-.2+|*Edge Chromium 112* |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-.2+|*Chrome 112** |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-.2+|*Firefox 112* |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.2+|*Edge Chromium 124* |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+.2+|*Chrome 124** |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+.2+|*Firefox 125* |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 |===
 *Notes on Chrome differences from other browsers
 
 * When a request to create a credential with a resident key is made User Verification is enforced even if the request has UV = 0.
 
-=== MacOS 13.3 ===
+=== MacOS 14.4.1 ===
 NFC support has been excluded since NFC is not supported on macOS browsers.
 
 [%header,cols="^.^,^.,^.,^.,^.,^."]
 |===
 2+|Browser |Resident Key / Discoverable Credential |User Verification (PIN / Biometric) |Passkeys on the YubiKey |CTAP 1 /
 U2F Legacy Support
-.2+|*Safari 16.4** |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image:group-4.png[] **
+.2+|*Safari 17.4.1** |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image:yes.png[] **
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
-.2+|*Chrome 112* |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.2+|*Chrome 124* |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
-.2+|*Firefox 114** |USB a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.2+|*Firefox 125** |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
 |===
 *Safari & Firefox will not allow users to set a PIN for User Verification if one is not already set.
 
 **Bug for FIDO/U2F registration issues for WebKit/Safari:
 https://bugs.webkit.org/show_bug.cgi?id=247344
 
-=== iOS 16.4 ===
-Verified with iPhone 13, 12, 11, XR, XS and iPhone 8
+=== iOS 17.4.1 ===
+Verified with iPhone XR
 
 Most browsers on Apple mobile devices use link:https://developer.apple.com/documentation/webkit[Apple WebKit]. As such, these browsers will have all the same functionality available.
 
 [%header,cols="^.^,^.,^.,^.,^.,^."]
 |===
 2+|Browser |Resident Key / Discoverable Credential |User Verification (PIN / Biometric) |Passkeys on the YubiKey |CTAP 1 /
 U2F Legacy Support
-.2+|*Safari 16.4** |Lightning a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-.2+|*Chrome 112** |Lightning  a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-.2+|*Firefox 112** |Lightning  a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.2+|*Safari 17.4.1** |Lightning a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+.2+|*Chrome 124** |Lightning  a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+.2+|*Firefox 125** |Lightning  a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 |===
 *Browsers on iOS are not able to set a PIN for user verification (UV) if one is not already set.  Requests to create a credential that requires UV may appear to succeed, but create a credential that will not require a PIN.
 
-=== iPadOS 16.4 ===
+=== iPadOS 17.4.1 ===
 Verified with iPad 6th generation (Lightning), iPad Air (USB-C) 4th generation, and iPad Pro 2018 (USB-C)
 
 Most browsers on Apple mobile devices use link:https://developer.apple.com/documentation/webkit[Apple WebKit]. As such, these browsers will have all the same functionality available.
@@ -89,29 +89,35 @@ USB-C is only available on iPad Pro and 4th and 5th generation iPad Air models.
 |===
 2+|Browser |Resident Key / Discoverable Credential |User Verification (PIN / Biometric) |Passkeys on the YubiKey |CTAP 1 /
 U2F Legacy Support
-.3+|*Safari 16.4** |Lightning a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|USB-C a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.3+|*Safari 17.4.1** |Lightning a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|USB-C a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
-.3+|*Chrome 112** |Lightning a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|USB-C a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.3+|*Chrome 124** |Lightning a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|USB-C a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
-.3+|*Firefox 112** |Lightning a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
-^.^|USB-C a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[] a|image::group-4.png[]
+.3+|*Firefox 125** |Lightning a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|USB-C a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
 ^.^|NFC a|N/A a|N/A a|N/A a|N/A
 |===
 *Browsers on iPadOS are not able to set a PIN for user verification (UV) if one is not already set.  Requests to create a credential that requires UV may appear to succeed, but create a credential that will not require a PIN.
 
-=== Android 13 ===
-Verified with Pixel 6
+=== Android 14 ===
+Verified with Pixel 6 & Google Play Services 24.16
 
-Currently the Android platform only supports CTAP1 (U2F) authenticators. Android does support clients (browsers) making WebAuthn requests to a relying party
+Android support for FIDO2 is linked to Google Play Services, and may be available on link:https://support.google.com/googleplay/answer/7165974[Google Play Protect] certified devices running Android 9 or later, as long as they are running a current version of Google Play Services, and have a screen lock configured.
+
+Currently the Android platform only supports the CTAP 1 (U2F) protocol over NFC.
+Support for Resident Keys / Discoverable Credentials, User Verification, and passkeys is available over USB.
 
 [%header,cols="^.^,^.,^.,^.,^.,^."]
 |===
-2+|Browser |Resident Key / Discoverable Credential |User Verification (PIN / Biometric) |Passkeys on the YubiKey |CTAP 1 /
+2+|Browser |Resident Key / Discoverable Credential* |User Verification (PIN / Biometric) |Passkeys on the YubiKey* |CTAP 1 /
 U2F Legacy Support
-.2+|*Chrome 112* |USB a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-4.png[]
-.2+|*Firefox 112* |USB a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-4.png[]
-^.^|NFC a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-copy-5.png[] a|image::group-4.png[]
+.2+|*Chrome 124* |USB a|image::yes.png[] a|image::yes.png[] a|image::yes.png[] a|image::yes.png[]
+^.^|NFC a|image::no.png[] a|image::no.png[] a|image::no.png[] a|image::yes.png[]
+.2+|*Firefox 125* |USB a|image::no.png[] a|image::no.png[] a|image::no.png[] a|image::no.png[]
+^.^|NFC a|image::no.png[] a|image::no.png[] a|image::no.png[] a|image::no.png[]
 |===
+*Android will prevent the use of passkeys / resident keys / discoverable credentials on a security key, if there is already at least one synced passkey in Google password manager for the same web site.
+
+**Bug for Firefox mobile support of security keys: https://bugzilla.mozilla.org/show_bug.cgi?id=1888654