[webauthn] Move `allowList` from optional to default on `getAssertion` from bifurcation via GitHub on 2016-09-28 (public-webauthn@w3.org from September 2016)

From: bifurcation via GitHub <sysbot+gh@w3.org>
Date: Wed, 28 Sep 2016 06:38:02 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-179691581-1475044681-sysbot+gh@w3.org>

bifurcation has just created a new issue for 
https://github.com/w3c/webauthn:

== Move `allowList` from optional to default on `getAssertion` ==
The relying party cannot use an assertion from a credential for which 
it does not have the public key.  So the API should only allow an RP 
to `getAssertion` from a credential whose ID it provides.  This just 
requires moving `allowList` from the `options` argument to 
`getAssertion` to the main method signature.

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/221 using your GitHub account

Received on Wednesday, 28 September 2016 06:38:29 UTC