The words "desired" and "best effort" led me to believe that `cryptoParameters` was just a guide, and that if no match in `cryptoParameters` was found then any alternative credential would be acceptable. I would suggest clarifying that if no match is found in `cryptoParameters` an error is returned. Returning to your question about how much detail an RP App should provide in specifying a credential, isn't this already addressed by the [definition](https://www.w3.org/TR/WebCryptoAPI/#algorithm-dictionary) of `AlgorithmIdentifier` which may be either a string or an object? The object can contain all the details you want and if it's a string like "RSASSA-PKCS1-v1_5", then the [normalizing algorithm](https://www.w3.org/TR/WebCryptoAPI/#algorithm-normalization) will fill in the details? PS - Hopefully it's obvious, but we may want to specify that the `algorithm` must be one that supports the `sign` and `verify` methods, as described in [WebCrypto Section 19](https://www.w3.org/TR/WebCryptoAPI/#algorithm-overview). -- GitHub Notification of comment by apowers313 Please view or discuss this issue at https://github.com/w3c/webauthn/issues/113#issuecomment-223718095 using your GitHub accountReceived on Friday, 3 June 2016 23:28:45 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:21 UTC