Re: [webauthn] Section 4.1.4 Use Existing Credential "get"

It turns out that the above approach ( is what is already in the spec at this time (and even before) (doh!). 

in looking further into this, I'm thinking we should perhaps try...

1. create a list of all authenticators involved
2. For each authenticator currently available on this platform, perform the following steps:
    1. If options.allowCredentials is not empty, find all creds listed in the latter that are bound to
       this authenticator. 
    2. If the latter list is not empty, then find all distinct transports listed in all authnr descriptors
     in the latter list. Let this list be distinctTransports.
    3. if the distinct transports list is not empty, then the client SHOULD select one transport 
    value from distinctTransports. Then, using transport, invoke in parallel the 
    authenticatorGetAssertion operation on authenticator, with rpId, clientDataHash, 
    allowCredentialDescriptorList, and authenticatorExtensions as parameters. 


..which, i think, would invoke the authnr once per collection of cred descriptors.


GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at using your GitHub account

Received on Friday, 16 June 2017 03:39:01 UTC