Re: [webauthn] What does "the extension was acted upon" mean for the AppID extension? from Akshay Kumar via GitHub on 2018-07-11 (public-webauthn@w3.org from July 2018)

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 11 Jul 2018 00:30:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-404007188-1531268996-sysbot+gh@w3.org>

Coming back to the original question, my interpretation and implementation of "true" is case(2). Otherwise, I don't see any value for returning this boolean. My interpretation was that when RP sees this value, it can see whether RPID hash was used in authenticatorData or AppId hash. 

Saying RP will always know whether credential was created with U2F or not will not be correct in the future where U2F credentials will be created using webauthn APIs which will use RPID instead of AppId.

-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/982#issuecomment-404007188 using your GitHub account

Received on Wednesday, 11 July 2018 00:30:07 UTC