Re: [webauthn] Allow client to return NotAllowedError early if success is impossible from Emil Lundberg via GitHub on 2018-06-20 (public-webauthn@w3.org from June 2018)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 20 Jun 2018 11:34:50 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-398718291-1529494488-sysbot+gh@w3.org>

This is currently written as MAYs so as to be minimally breaking.

An alternative solution to the case where `authenticatorSelection` or `allowCredentials.transports` are incompatible with what the platform supports would be to add a step directly after the origin check where the client MAY return a `ConstraintError` or similar without user consent. That might be a "more" breaking change, though. There might also be implications for privacy considerations, but I think they would be very minor.

If anyone would prefer this alternative solution, please voice your support explicitly.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/962#issuecomment-398718291 using your GitHub account

Received on Wednesday, 20 June 2018 11:34:52 UTC