- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Thu, 27 Apr 2017 19:03:20 +0000
- To: public-webauthn@w3.org
@jyasskin wrote: > The important bit is to distinguish the credential, which is actually presented to the RP, from the thing that can generate credentials, which is locked inside a secure element. Agreed. Note that [scoped credential's definition](https://w3c.github.io/webauthn/#scoped-credential) aligns with that, although the term used in [RFC4949](https://www.ipa.go.jp/security/rfc/RFC4949-04CEN.html#credential) for what credman is (presently) terming "credential source" is "authentication information" (see the "tutorial" portion of the latter reference). "credential source" is offhand fine by me, but perhaps credman could reference RFC4949's definition and term as a footnote/sidebar/whatever. though, a credential source (aka authn info) may or may not be "locked inside a secure element". whether it is or not is yet another facet of all of this... -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/430#issuecomment-297809024 using your GitHub account
Received on Thursday, 27 April 2017 19:03:27 UTC