I support dropping the TUP requirement for platform (built-in authenticators). We should do this only if excludeCredentials.length == 0, otherwise a relying party may silently query for credentials via the excludeCredentials parameter. -- GitHub Notification of comment by idamlaj Please view or discuss this issue at https://github.com/w3c/webauthn/issues/564#issuecomment-333604274 using your GitHub accountReceived on Monday, 2 October 2017 17:28:16 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC