Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations from Jeffrey Yasskin via GitHub on 2017-04-14 (public-webauthn@w3.org from April 2017)

From: Jeffrey Yasskin via GitHub <sysbot+gh@w3.org>
Date: Fri, 14 Apr 2017 17:29:07 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-294196931-1492190946-sysbot+gh@w3.org>

https://github.com/w3c/webauthn/issues/88#issuecomment-288234647 proposes a way to write these MUSTs, which constrain the behavior of the server rather than the browser or authenticator.

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/404#issuecomment-294196931 using your GitHub account

Received on Friday, 14 April 2017 17:29:13 UTC