- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Fri, 13 May 2016 13:45:16 +0000
- To: public-webauthn@w3.org
equalsJeffH has just labeled an issue for https://github.com/w3c/webauthn as "type:editorial": == Clarify which sign. algm.'s RP's must support (Sec. 4.3.2.1.2) == Current text states "The following algorithms must be implemented by servers:" and goes on to list target signing methods. But the text later says "WebAuthn Relying Parties must implement all the algorithms implemented by the authenticators that they support." The two statements seem to contradict each other. For instance, if an RP does not support any authenticators that implement ECDAA then it does not seem to be necessary for the RP to implement ECDAA. Would recomment changing "The following algorithms must be implemented by servers:" to "One or more of the following algorithms must be implemented by servers (depending on the authenticators that servers support):" See https://github.com/w3c/webauthn/issues/104
Received on Friday, 13 May 2016 13:45:18 UTC