Account -> Options; ScopedCredentialParameters from Richard Barnes on 2016-09-23 (public-webauthn@w3.org from September 2016)

From: Richard Barnes <rbarnes@mozilla.com>
Date: Fri, 23 Sep 2016 15:30:25 -0400
To: W3C WebAuthn WG <public-webauthn@w3.org>
Message-ID: <CAOAcki9cXVOX353m_ePd0XzM2GjF0ZQvFFCKnHHcaj57sP9YUA@mail.gmail.com>

Hey folks,

I can't remember if we talked about this before.  Would it make sense to
move the `account` argument to `makeCredential` into the `options`
dictionary?  It seems like there are at least some credential types that
don't require it (e.g., U2F credentials), and it makes the interface a bit
simpler.

I also wonder whether given the discussion this week it might make sense to
change the `cryptoParameters` argument to something like `constraints`, as
is done in getUserMedia [1], as a general "These are the types of
credential I support" field.  Might not be necessary if we don't want to
allow the caller to specify anything more than we do now, but might be a
way to address some of the concerns about, e.g., attestation types, that
were raised this week.

Thanks,
--Richard

[1] https://www.w3.org/TR/mediacapture-streams/#constraints

Received on Friday, 23 September 2016 19:30:55 UTC