[webauthn] authenticatorGetAssertion showing selection UI for external authenticators from mpolanco via GitHub on 2016-10-04 (public-webauthn@w3.org from October 2016)

From: mpolanco via GitHub <sysbot+gh@w3.org>
Date: Tue, 04 Oct 2016 21:29:13 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-181009842-1475616552-sysbot+gh@w3.org>

mpolanco has just created a new issue for 
https://github.com/w3c/webauthn:

== authenticatorGetAssertion showing selection UI for external 
authenticators ==
Section 5.1.2 states: 

> Prompt the user to select a credential from among the above list. 
Obtain user consent for using this credential. The prompt for 
obtaining this consent may be shown by the authenticator if it has its
 own output capability, or by the user agent otherwise.

In the case where no allowList is provided, if multiple credentials 
are available for the specific domain on an external authenticator 
with no output capability, who is doing the selection prompting here? 
Wouldn't the user agent not have access to the contents of the 
external device or its specific model? My guess would be that the 
platform has to show the selection UI here, not the user agent.

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/231 using your GitHub account

Received on Tuesday, 4 October 2016 21:29:22 UTC