Re: [webauthn] Are RPs expected to follow redirects for icon URLs? (#1285) from Emil Lundberg via GitHub on 2019-08-25 (public-webauthn@w3.org from August 2019)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Sun, 25 Aug 2019 15:45:02 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-524640197-1566747900-sysbot+gh@w3.org>

Both `user.icon` and `rp.icon` are specified by the RP*, so RPs aren't expected to process them at all after passing them into a WebAuthn function call. #1139 has some discussion on what authenticators and/or clients are expected to do with them.

\* Or by the user under the RP's supervision, unless the user modifies the client-side script. In either case, the RP controls the values for the purposes of this discussion.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1285#issuecomment-524640197 using your GitHub account

Received on Sunday, 25 August 2019 15:45:03 UTC