Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data

@equalsJeffH I think it'd be good to capture the idea of "the same entity" in the name of this bit, even if that's captured in a word other than "identity". It could be the "same user" or "consistent user" bit?

Notionally, if we have 3 RPs, a browser, and an authenticator, they can have 5 independent ideas of users' identities, and that's ok: this API is just talking about the authenticator's idea. But I'm happy to use a word other than "identity" if we can find one.

And, all that said, I've noticed that the bit's name doesn't actually appear in the API, so it doesn't matter that much, and if you're not convinced, I won't object to "verification" any more.

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/409#issuecomment-295915268 using your GitHub account

Received on Thursday, 20 April 2017 21:11:36 UTC