Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations from =JeffH via GitHub on 2017-04-18 (public-webauthn@w3.org from April 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Tue, 18 Apr 2017 16:42:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-294905246-1492533729-sysbot+gh@w3.org>

@mikewest:
>  y'all consider requiring the value to be a base64-encoded DOMString, and doing the decoding/bufferizing as part of the makeCredential and getAssertion algorithms? 

no, we did not think of that -- yes, I'm thinking your suggestion is the way to go -- thanks!


-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/404#issuecomment-294905246 using your GitHub account

Received on Tuesday, 18 April 2017 16:42:17 UTC