I think the format difference between the two won't matter in practice - except perhaps in how the client stores them internally, as @agl pointed out. But for interop purposes it should make no difference: The client will have both the RP ID and the AppID; non-U2F authenticators will get the RP ID as usual (and will never see a FIDO AppID); and U2F authenticators will get the SHA256 hash of the AppID and won't actually see the underlying AppID. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/723#issuecomment-353212500 using your GitHub accountReceived on Wednesday, 20 December 2017 23:25:45 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:30 UTC