Re: [webauthn] Add keyStorage enum to ScopedCredentialOptions

I don't think that authenticator typically would want to implement 
both options.
I one authenticator can store the key material locally, then there is 
no need and no benefit (IMHO) to store the key wrapped at the RP.

So rather than introducing yet another concept of dynamically 
controlling the authenticator behavior, we should assume a static key 
storage location, i.e. one AAGUID will always store keys in the same 
way (either locally or remotely in wrapped form).
If we do so, the already have the ability for the RP to select 
authenticator based on AAGUIDs - and hence no need to further 
complicate the API.

GitHub Notification of comment by rlin1
Please view or discuss this issue at 
using your GitHub account

Received on Wednesday, 1 March 2017 19:04:55 UTC