Re: [webauthn] Authnr selection aaguidlist

Overall, this PR looks fine to me but this is breaking WD07 which we all agreed was feature complete and probably not needed. Correct me if I am wrong here. 

There are two kinds of RPs, one who care about particular authenticators (for whatever reason, legal or otherwise and I don't want to rehash that discussion) and ones who don't care. Both of these can be addressed by current spec via direct attestation or null attestation(default case). This PR will short circuit faster (platform deciding earlier instead of RP) but essentially both ways achieve the same thing. If I remember correctly, there are other selection criterias (in addition to AAGUID) also which were pushed to L2 sometime back.

Should we take care of this in L2 or do we need it now?

GitHub Notification of comment by akshayku
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 20 December 2017 21:17:40 UTC