[webauthn] User Verification definition needs to be refined from gmandyam via GitHub on 2017-02-22 (public-webauthn@w3.org from February 2017)

From: gmandyam via GitHub <sysbot+gh@w3.org>
Date: Wed, 22 Feb 2017 18:34:17 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-209541626-1487788456-sysbot+gh@w3.org>

gmandyam has just created a new issue for 
https://github.com/w3c/webauthn:

== User Verification definition needs to be refined ==
As per WD-04:  https://www.w3.org/TR/webauthn/#terminology, the 
definition of User Verification does not address whether the 
verification takes place within the authenticator boundary.  Recommend
 adding the following sentence immeidately after 'Note that invocation
 of said operations implies use of key material managed by the 
authenticator':  
"Therefore the user verification operation must take place within the 
restricted operating environment of the authenticator itself."

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/357 using your GitHub account

Received on Wednesday, 22 February 2017 18:34:24 UTC