Description

Passkey Providers/Authenticators now support backed-up and non-backup credentials. It varies from one provider to the other the choices they provide.

For an RP, currently they have no way to express their preference regarding backed credentials. For example, some enterprises and high security consumer RPs may want a non-backed up credential. Other RPs can prefer backed-up credential for their use cases regarding availability everywhere w.r.t current and future devices.

For the providers who support both backed-up and non-backed-up credential, RP's preference helps guide the user.

Hence, we need a way for an RP to indicate their backup preference in WebAuthn spec.

Note: Given the nature of different options provided by the providers/authenticators, their capabilities, user choices etc., RP must expect both backed-up and non-backed-up credentials in the registration responses.