- From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
- Date: Mon, 05 Aug 2019 02:18:03 +0000
- To: public-webauthn@w3.org
@equalsJeffH I think that you are right. The get call with empty allow credential is not common, but as a RP, we need to provide the concrete UXs for such cases. There are following cases where we cannot get any local information. There might be more. 1. Cross browser: User registered credential with one browser and uses it with other browsers 2. Cross device: User registered credential with one device and tries to authenticate with other devices 3. Cross platform (Web and Native): Users registered credential with a browser and tries to use it with native application (associated) and vice versa 4. Cross browser mode (normal vs incognito): Users registered credential with a browser in a normal mode and tries to use it with same browser in a incognito mode -- GitHub Notification of comment by Kieun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1267#issuecomment-518061803 using your GitHub account
Received on Monday, 5 August 2019 02:18:04 UTC