Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global

> We're talking about the last step of the "when this operation is invoked" steps of here, I think.

the #op-make-cred section is part of an abstract functional model as described in the intro portion of #[authenticator-model](, and it does not define the mechanics of how the authenticator ops return values to the user agent. The 3d paragraph says:
> For authenticators, this model defines the logical operations that they must support, and the data formats that they expose to the client and the Relying Party. However, it does not define the details of how authenticators communicate with the client platform...

However, we attempt to address that from the user agent perspective in e.g. Step 17 branch "If any authenticator indicates success" of #[makeCredential]( by indicating that the new ScopedCredentialInfo object (into which the value returned by #op-make-cred is copied) is allocated from `|global|`, which itself is this WebAuthentication object’s environment settings object’s global object.  And similarly for #[getAssertion]( in its Step 13.

Does this make sense / help ?  

GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at using your GitHub account

Received on Tuesday, 14 March 2017 21:07:59 UTC