- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Thu, 25 May 2017 16:33:27 +0000
- To: public-webauthn@w3.org
@jcjones wrote: > I could go either way about adding the note to PublicKeyCredentialType to the effect that PublicKeyCredentialDescriptor.id is mandatory for "public-key" types I'm confused -- which note? By "the note", perhaps you are referring to something said in conversation (eg on the webauthn call last week?) ? Where you say "[PublicKeyCredentialType](https://w3c.github.io/webauthn/#credentialType)" above, did you actually mean "[PublicKeyCredentialDescriptor](https://w3c.github.io/webauthn/#credential-dictionary)" ? > is mandatory for "public-key" types, because I feel like it's self-evident when you have a key handle. So what you are suggesting here is that if the RP does have a credential ID for a cred of type "public-key", it must supply it in the PublicKeyCredentialDescriptor.id, **_regardless of authnr capabilities_** ? Is this because some authnrs supporting "public-key" creds must be presented with the credential ID to do anything (eg U2F authnrs) ? This is not the case for all authnrs supporting "public-key" creds, yes? also, "key handle" is confusing -- that term only occurs in [S 7.6. FIDO U2F Attestation Statement Format](https://w3c.github.io/webauthn/#fido-u2f-attestation) -- did you intend to say "credential ID" ? -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/245#issuecomment-304056745 using your GitHub account
Received on Thursday, 25 May 2017 16:33:38 UTC