Questions about some of the naming in the spec from Kimberly Paulhamus on 2016-11-30 (public-webauthn@w3.org from December 2016)

From: Kimberly Paulhamus <kpaulhamus@google.com>
Date: Wed, 30 Nov 2016 18:35:03 +0000
To: public-webauthn@w3.org
Message-ID: <CAKQBCKGhc5-XdLPJXbD28Z2POXZwU-T-WMGEvs=W5gEf2RA38w@mail.gmail.com>

Hi WebAuthn working group,

We are currently working on implementing WebAuthn for Chrome. We're at the
early stages of setting up the Chromium interfaces, and reviewers have had
some questions on the naming in the spec that we wanted to ask you all
about.

To summarize -
Regarding WebAuthnAssertion/Attestation/Extensions, "Why not just WebAuth
or Auth? The n in the middle doesn't mean anything and is going to be a
wart for developers to remember for the next 30 years."

Account and ClientData are too generic; either need to be more specific or
scoped.

Prefixing an API with 'Web' seems to be unusual in general.

Thoughts and comments?

Thanks,
Kimberly

Received on Thursday, 1 December 2016 12:55:54 UTC