Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API from =JeffH via GitHub on 2017-02-24 (public-webauthn@w3.org from February 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Fri, 24 Feb 2017 18:03:51 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-282360559-1487959430-sysbot+gh@w3.org>

@kpaulh wrote:
> As an example use case, a user logs in to the RP. If the call is 
successful..

This is assuming that the login is a legacy one (e.g. via [form-based 
("password") 
authentication](https://en.wikipedia.org/wiki/Form-based_authentication))
 not using WebAuthn/FIDO means, yes?
> ..the browser would drop an info bar / bubble that informs capable 
users of the RP's ability to use the authenticator for log-in..

By "the authenticator" do you mean to say "an available platform 
authenticator"?  During the discussion at the end of the F2F meeting I
 recall that roaming authenticators (i.e., those with a cross-platform
 attachment) were not considered candidates for this use case -- is 
that still the intention?

Also, this use case depends upon the RP webapp developers to 
explicitly take advantage of the availability of this method and to 
weave it properly into their login flows, yes?  If they do not do so, 
then perhaps there is still need for possibly throwing a 
"NotFoundError" as anticipated in #302  and #350 ?  @vijaybh ?

-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/345#issuecomment-282360559 
using your GitHub account

Received on Friday, 24 February 2017 18:03:59 UTC