- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Mon, 22 Aug 2016 17:54:29 +0000
- To: public-webauthn@w3.org
equalsJeffH has just created a new issue for https://github.com/w3c/webauthn: == do not entirely lose distinctions distinctions between External and Embedded Authenticators == this issue is derived from, and focuses only on the "External and Embedded Authenticators" portion of.. >Re: [webauthn] Text aesthetic updates >https://lists.w3.org/Archives/Public/public-webauthn/2016Jul/0021.html Regarding this set of commits.. >[webauthn] new commits pushed by jcjones >https://lists.w3.org/Archives/Public/public-webauthn/2016Jul/0016.html ... > * Remove distinctions between External and Embedded Authenticators I do not think we should entirely loose the "embedded/bound" and "external/portable/roaming" notions. These concepts will be likely be useful to platform developers (see also the thread entitled "use cases"). in particular, this text may be important to some readers.. >Note that an external authenticator may itself contain an embedded authenticator. For example, consider a smart phone that contains a scoped credential. The credential may be accessed by a web browser running on the phone itself. In this case the module containing the credential is functioning as an embedded authenticator. However, the credential may also be accessed over BLE by a user agent on a nearby laptop. In this latter case, the phone is functioning as an external authenticator. These modes may even be used in a single end-to-end user scenario. One such scenario is described among the use cases (in [[#authentication-external]]). I would be fine with capturing such information in an "implementation considerations" section or an appendix of some sort. An example of such a section is: https://tools.ietf.org/html/rfc6797#section-12 Please view or discuss this issue at https://github.com/w3c/webauthn/issues/181 using your GitHub account
Received on Monday, 22 August 2016 17:54:36 UTC