W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2016

Re: [webauthn] Authenticator selection extension - should makeCredential fail if no specified authenticator can be found?

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Thu, 29 Sep 2016 07:03:49 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-250387022-1475132627-sysbot+gh@w3.org>
The rationale was to make sure that the user gets prompted by *some* 
authenticator in order to know that someone is trying to figure out 
what authenticators are present on that machine.

So this don't fail but use other authenticator was intended as a 
privacy features as we heardprivacy complaints about a more generic 
authenticator discovery feature before (which it would be in the case 
of returning a silent error code if the preferred authenticator is not
 present).

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/227#issuecomment-250387022 
using your GitHub account
Received on Thursday, 29 September 2016 07:03:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:26 UTC