Re: [webauthn] Section 4.1.4 Use Existing Credential "get"

If the caller doesn't provide any list of credentials, i.e. options.allowCredentials is empty, then all connected authenticators need to be asked.  This is the password replacement case.

Whether this is done as separate case a or implicitly is not that important.

GitHub Notification of comment by rlin1
Please view or discuss this issue at using your GitHub account

Received on Saturday, 17 June 2017 13:05:01 UTC