- From: James Hartig via GitHub <sysbot+gh@w3.org>
- Date: Fri, 19 Jan 2024 03:42:25 +0000
- To: public-webauthn@w3.org
jameshartig has just created a new issue for https://github.com/w3c/webauthn: == credentialRecord.transports has no purpose == ## Proposed Change The current spec says that `credentialRecord.transports` is RECOMMENDED but I can't find a reference for when to use it. I believe this was lost in https://github.com/w3c/webauthn/pull/1773 where it was previously used to populate the `allowCredentials`. I would like to understand how RPs should use this field in practice. We (an RP) require the use of discoverable credentials and therefore never fill in `allowCredentials`. My understanding is that `credentialRecord.transports` has no purpose in our use-case. I don't know how the WG decides between "RECOMMENDED" and "OPTIONAL" but it's confusing that it's currently "RECOMMENDED" without any mention of how/when to use it. Also, I wasn't sure where to post this question, I didn't see much non-GitHub communication in the public mailing list and my company is not a W3C member. If this is the wrong avenue for this type of discussion, I apologize. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2016 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 19 January 2024 03:42:28 UTC