Re: [webauthn] Authenticators that do not recognize any handles shouldn't just be dropped on the floor from Emil Lundberg via GitHub on 2018-04-25 (public-webauthn@w3.org from April 2018)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Apr 2018 08:42:23 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-384208877-1524645742-sysbot+gh@w3.org>

>rigorous user study, right??

It's definitely better than my pure speculation, at least. :smile:

>Regarding platform authenticators, Chrome does intend to have a dialog to notify the user (and not call down to the platform authenticator, so as to prevent OS popups), after which Chrome will return to the RP.

I don't quite understand what you mean by that - notify the user about what? In the scenario where a laptop has a platform authenticator built in and `navigator.credentials.get()` is called with `allowCredentials: [{ id: "foo" }]`, where `foo` is on a currently disconnected USB key, what would Chrome do?

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/863#issuecomment-384208877 using your GitHub account

Received on Wednesday, 25 April 2018 08:42:26 UTC