There's still no way in the current spec for the bank to actually enforce that, though, only to make it inconvenient by not setting the account name. I might very well be bikeshedding here, since the RP can always just set an empty or bogus value, but I feel more inclined to take the user's side in this. I've changed my mind back to thinking `user.name` should probably be left required, but I agree with making `rp.name` and `user.displayName` optional. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/666#issuecomment-354519996 using your GitHub accountReceived on Saturday, 30 December 2017 01:26:49 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:30 UTC