Although I think I understand the @AngeloKai's motivation for proposing these changes, I agree with @jyasskin -- this spec defines a cryptographic protocol (as well as a Web API (and more!)) and the RP operations are simply defining what the RP must do in order to faithfully participate in the protocol, thus gaining the security benefits of doing so. It is common practice in _protocol_ specs to stipulate the behavior of both endpoints. I'm sorry, but I do not think we should make the changes proposed by this PR. -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/pull/664#issuecomment-349777529 using your GitHub accountReceived on Wednesday, 6 December 2017 21:17:42 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:30 UTC