- From: Angelo Liao via GitHub <sysbot+gh@w3.org>
- Date: Fri, 18 Nov 2016 23:09:43 +0000
- To: public-webauthn@w3.org
I cannot foresee an attack surface based solely on knowing the credential ID either. Credential IDs were designed to be anonymous so that an attacker cannot attack without cracking down the signature scheme first. Should we consider this issue closed? -- GitHub Notification of comment by AngeloKai Please view or discuss this issue at https://github.com/w3c/webauthn/issues/206#issuecomment-261666045 using your GitHub account
Received on Friday, 18 November 2016 23:09:49 UTC