Re: [webauthn] [PR 384] Does requireUserMediation() make sense after merge from Jeffrey Yasskin via GitHub on 2017-04-14 (public-webauthn@w3.org from April 2017)

From: Jeffrey Yasskin via GitHub <sysbot+gh@w3.org>
Date: Fri, 14 Apr 2017 16:38:27 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-294187294-1492187906-sysbot+gh@w3.org>

Developers won't use `requireUserMediation()` to interact with their public-key credential-sources since #384 doesn't define `[[CollectFromCredentialStore]]`, which is the only way https://w3c.github.io/webappsec-credential-management/#algorithm-request takes advantage of the [`requires user mediation flag`](https://w3c.github.io/webappsec-credential-management/#origin-requires-user-mediation-flag) to skip user mediation.

If a touchless WebAuthn device is ever added, this group would have to decide how it interacts with the `requires user mediation flag`, but that's an issue for a future version of this spec.

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/402#issuecomment-294187294 using your GitHub account

Received on Friday, 14 April 2017 16:38:34 UTC