[w3c/webauthn] 3b2a1d: Don't return user handle in getAssertion in 2nd fa... from GitHub on 2017-12-20 (public-webauthn@w3.org from December 2017)

From: GitHub <noreply@github.com>
Date: Wed, 20 Dec 2017 08:35:57 -0800
To: public-webauthn@w3.org
Message-ID: <5a3a916d84c62_273d72b23d98d3c041779b@hookshot-fe-dfcc362.cp1-iad.github.net.mai>

  Branch: refs/heads/issue-720-user-handle-optional
  Home:   https://github.com/w3c/webauthn
  Commit: 3b2a1d141cbd8f2954f073a6b6598d954398a986
      https://github.com/w3c/webauthn/commit/3b2a1d141cbd8f2954f073a6b6598d954398a986
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2017-12-20 (Wed, 20 Dec 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Don't return user handle in getAssertion in 2nd factor mode

As stated in
https://github.com/w3c/webauthn/pull/558#issuecomment-331537953 and
https://github.com/w3c/webauthn/pull/558#issuecomment-330592503 the user
handle should not be returned when operating in 2nd factor mode (i.e.,
when given a non-empty `allowCredentials` list).

Received on Wednesday, 20 December 2017 16:36:29 UTC