Re: [webauthn] Update the RP operation section to be "not normative"

Although I think I understand the @AngeloKai's motivation for proposing these changes, I agree with @jyasskin -- this spec defines a cryptographic protocol (as well as a Web API (and more!)) and the RP operations are simply defining what the RP must do in order to faithfully participate in the protocol, thus gaining the security benefits of doing so. It is common practice in _protocol_ specs to stipulate the behavior of both endpoints. I'm sorry, but I do not think we should make the changes proposed by this PR.

GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 6 December 2017 21:17:42 UTC