- From: Mike West via GitHub <sysbot+gh@w3.org>
- Date: Tue, 18 Apr 2017 18:34:22 +0000
- To: public-webauthn@w3.org
> @equalsJeffH @mikewest Are you proposing we change the challenge to be a DOMString? I'm suggesting that, yes. Coupled with changes to the algorithms which would throw a `TypeError` if the string isn't a valid `base64url`-encoded string, that seems sufficiently unlikely to be a) generated client-side, or b) confusing. :) > @vijaybh @leshi I remembered the reason why challenge is base64url encoding is partially because of CTAP, correct? For clarity, the `challenge` property is currently a `BufferSource`. We `base64url`-encode it as part of the algorithms above when creating the `CollectedClientData` object. I'd suggest we simply drop that, and expect the developer to provide a pre-encoded string. -- GitHub Notification of comment by mikewest Please view or discuss this issue at https://github.com/w3c/webauthn/issues/404#issuecomment-294939713 using your GitHub account
Received on Tuesday, 18 April 2017 18:34:29 UTC