[webauthn] Throw "NotFoundError" when internal authenticator is not available or not found from Angelo Liao via GitHub on 2016-11-18 (public-webauthn@w3.org from November 2016)

From: Angelo Liao via GitHub <sysbot+gh@w3.org>
Date: Fri, 18 Nov 2016 19:32:00 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-190402430-1479497516-sysbot+gh@w3.org>

AngeloKai has just created a new issue for 
https://github.com/w3c/webauthn:

== Throw "NotFoundError" when internal authenticator is not available 
or not found ==
In the current spec, four DOMException errors could be thrown in the 
execution process of makeCredential and getAssertion:
"NotSupportedError": the error would be throw if a crypto algorithm 
developer wishes to use is not supported by the API 
"SecurityError": the error would be throw if the procedure for 
relaxing the same-origin restriction went wrong and that procedure may
 go wrong because the developer doesn't follow security procedure
"UnknownError": the error would be throw if fatal error event which we
 don't anticipate happening, such as JS exception
"NotAllowedError": the error would be throw if  the origin is an 
opaque origin or the number of issued requests to authenticators is 0 

If any of the previous errors were thrown, the developer would most 
likely default the users back to their original flow. 

However, there is one situation that is not currently accounted for: 
when an internal authenticator is requested but no internal 
authenticator is found or not available. When this situation comes up,
 the developer could show some text to explain to the user that s/he 
could go register to start using the internal authenticator, such as 
enroll their fingerprint. 

Therefore, it would make sense to throw a DOMException error unlike 
the ones listed above. Among all the existing [DOMException 
errors](http://www.w3.org/TR/dom/#error-names) listed in the current 
HTML spec, the "NotFoundError" seems most fitting to the current 
situation. 

The existing "NotAllowedError" could work but the error is also thrown
 when the origin is an opaque origin. The "opaque origin" situation is
 rather different when the situation when an authenticator is not 
available; developer would also most likely want to do different 
things in the two different situations. 

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/302 using your GitHub account

Received on Friday, 18 November 2016 19:32:07 UTC