Re: [webauthn] Add “appidExclude” extension. (#1244) from Emil Lundberg via GitHub on 2019-06-27 (public-webauthn@w3.org from June 2019)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 27 Jun 2019 16:57:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-506428352-1561654662-sysbot+gh@w3.org>

Perhaps we should define a proper term for "legacy credential", and use that in both this and the appid extension? I'm thinking something like:

- **AppID Credential:** A credential scoped to a FIDO AppID, unlike an _RP ID credential_ which is scoped to an RP ID. AppID credentials can be created via the FIDO U2F JavaScript API and cannot be created via the WebAuthn API, but the `appid` extension enables using them to generate WebAuthn assertion signatures.
- **RP ID Credential:** A credential scoped to an RP ID. This is the default kind of credential in WebAuthn, and is the only kind of credential that can be created via the WebAuthn API. See also _AppID credential_.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1244#issuecomment-506428352 using your GitHub account

Received on Thursday, 27 June 2019 16:57:45 UTC