- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 10 Oct 2017 00:18:38 +0000
- To: public-webauthn@w3.org
That's what the TODO is supposed to figure out: >with the understanding that Jeffrey will write up some language which says authenticators should never return userid (or any account info for that matter) when a signature was requested using a CredentialID [this means it's being used as a second factor]. My gut says it should probably be `undefined` in that case. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/616#issuecomment-335323576 using your GitHub account
Received on Tuesday, 10 October 2017 00:18:26 UTC