Re: Refactoring spec into web API and authenticator model

On 4/18/16, 11:21 PM, "Vijay Bharadwaj" <<>> wrote:
I just sent out a PR that lays out the approach I alluded to on the previous call. For convenient review, I'm attaching a bikeshed-processed html version to this email. Please take a look and let me know if you have comments or feedback, either by replying to this email or (even better) by commenting on the PR in Github.

Ok, I've skimed through it some, but not in fine detail as yet because there's much spec there, plus you've done some non-trivial surgery including new glue text as well as altering cross-reference types in places  (eg cross-referencing into text rather than into idl).  I'm nominally fine with what I've been able to skim through this evening, tho will need to go through it in more detail.

At a high level, it seems that the intent of section 3 "web authn api" is that it now constitutes the majority of the info that client- and server-side webapp developers ostensibly would need to pay attention to, yes?    and obviously section 4 "WebAuthn Authenticator Model"  is for authnr developers.  this seems overall reasonable to me.

thx, hth,


Received on Wednesday, 20 April 2016 01:56:41 UTC