I think it would be better to add more description regarding this at step 1 of ยง7.2 Verifying an authentication assertion. We need to provide detailed procedures for the RP server to look up credential public key with credential id and user handle. We need to mention the fact that the RP server should look up credential public keys with user id before sending an challenge and then select one from the keys after getting an assertion with credential Id in case of 2nd factor use cases. -- GitHub Notification of comment by Kieun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/715#issuecomment-351100623 using your GitHub accountReceived on Tuesday, 12 December 2017 16:15:30 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:30 UTC