- From: Angelo Liao via GitHub <sysbot+gh@w3.org>
- Date: Thu, 15 Jun 2017 23:00:14 +0000
- To: public-webauthn@w3.org
My original post proposes two changes to the spec: 1. Remove the "required" keyword from PublicKeyCredentialDescriptor.id, which is a member of the allowCredentials and excludeCredentials dictionary. 2. Change the relevant prose to say that allowCredentials and excludeCredentials are "lists of search criteria to find credentials acceptable to the callers." Reading from J.C.'s comment, I believe he's supportive of the first change and the second change is not necessary. In addition, he proposes another change based upon the previous two: 3. Add requirements to the algorithm that "if the credential type is 'PublicKeyCredential', the id is required." If we go with whatever J.C. proposes, there won't be any real API behavioral change except that we keep a door open for future credential types. -- GitHub Notification of comment by AngeloKai Please view or discuss this issue at https://github.com/w3c/webauthn/issues/245#issuecomment-308888242 using your GitHub account
Received on Thursday, 15 June 2017 23:00:20 UTC