W3C home > Mailing lists > Public > public-webauthn@w3.org > December 2017

Re: [webauthn] Authnr selection aaguidlist

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 20 Dec 2017 21:17:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-353184827-1513804657-sysbot+gh@w3.org>
Overall, this PR looks fine to me but this is breaking WD07 which we all agreed was feature complete and probably not needed. Correct me if I am wrong here. 

There are two kinds of RPs, one who care about particular authenticators (for whatever reason, legal or otherwise and I don't want to rehash that discussion) and ones who don't care. Both of these can be addressed by current spec via direct attestation or null attestation(default case). This PR will short circuit faster (platform deciding earlier instead of RP) but essentially both ways achieve the same thing. If I remember correctly, there are other selection criterias (in addition to AAGUID) also which were pushed to L2 sometime back.

Should we take care of this in L2 or do we need it now?
 

-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/479#issuecomment-353184827 using your GitHub account
Received on Wednesday, 20 December 2017 21:17:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:45 UTC