Re: [webauthn] Add acceptable trust anchors to AuthenticatorSelectionCriteria

FWIW, @balfanz argued that we have two classes of users, neither of who needs this support in V1:
1. Public-facing sites like Facebook, Twitter, etc.: These sites are likely to accept any trust anchor, since it's better than a password.
2. Enterprises, maybe banks, etc.: These sites can tell their users "use exactly the key I give you", and it's ok if the UX for the user presenting a different key only fails after the key is presented.

I find that reasonably convincing and would be ok with this whole set of selection APIs being postponed until V2.

GitHub Notification of comment by jyasskin
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 7 June 2017 16:10:45 UTC