- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Tue, 07 Jun 2016 17:56:15 +0000
- To: public-webauthn@w3.org
Nominally, I think optional attestation is fine -- it is up to the RP's risk tolerance whether they accept a unattested registrations. We will need to carefully examine the ramifications in the security considerations, tho. -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/86#issuecomment-224361745 using your GitHub account
Received on Tuesday, 7 June 2016 17:56:17 UTC