- From: John Bradley via GitHub <sysbot+gh@w3.org>
- Date: Sat, 10 Aug 2019 00:24:33 +0000
- To: public-webauthn@w3.org
It will give users the option of a external authenticator if you send credentials that have transports like NFC or USB. I think it is better for you to use the API to get the transports for the credentials and then work with Google and others to optimise how the UX is presented. The new webAuthn API can be used with get credential as well for credentials you don't have transports for. Yes I have confidence that some of the remaining issues with resident credentials ( otherwise known as credentials that work without an allow list) will get sorted out shortly. It sounds like you are still experimenting with flows. While you may want to use the platform authenticator, you may still have a better user flow by using the allow list and not prompting the user with the credential selector dialog. I am happy to explore what will and won't work for you and see how to make it better. I just think it is premature to assume that adding that flag for get credential without an allow list is going to work the way you are hopeing. Let's have a look at the flows and dialogs now without RK and what changes once no allow list is working on Android. John B. On Fri, Aug 9, 2019, 5:29 PM Ki-Eun Shin <notifications@github.com> wrote: > John, Thanks for pointing out. I basically agree with your suggestion. If > the platform can handle the cases better, we should rely on it. I hope that > our users do not confuse the unknown message. > > Regarding the specific cases, we are considering mobile web and native app > for Android. Still, Android does not support RK. But, we expect that the RK > is eventually supported. > Then, as I mentioned before (cross browser and cross browser and native), > the cases where we haven't any credential info will happen. Maybe, if there > is no credential on the platform, the Android will prompt for external > authenticator? > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <https://github.com/w3c/webauthn/issues/1267?email_source=notifications&email_token=AAAPQJ27AF6Z547FNE6QOILQDXOVJA5CNFSM4IIDYLYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD372FYA#issuecomment-520069856>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AAAPQJ3TRPFIIOZ2YWOXZ2LQDXOVJANCNFSM4IIDYLYA> > . > -- GitHub Notification of comment by ve7jtb Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1267#issuecomment-520101721 using your GitHub account
Received on Saturday, 10 August 2019 00:24:35 UTC