W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] Nothing required in PublicKeyCredentialEntity

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 03 Oct 2017 11:34:45 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-333815317-1507030471-sysbot+gh@w3.org>
>Currently the PublicKeyCredentialEntity has no required members, and it appears to be acceptable to pass an empty object to publicKey.rp. Was that the intent?

This looks like an editorial mistake. [§4.4][rp] specifies that `rp.name` is required.

>Same concern for PublicKeyCredentialUserEntity, which also doesn't seem to have any meaningful information (such as an id for the user).

That type inherits `id` in the 2017-08-11 draft. In the 2017-09-28 draft the property has been moved down, and is also specified in [§4.4][user] to be required.

[rp]: https://w3c.github.io/webauthn/#dom-makepublickeycredentialoptions-rp
[user]: https://w3c.github.io/webauthn/#dom-makepublickeycredentialoptions-user

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/587#issuecomment-333815317 using your GitHub account
Received on Tuesday, 3 October 2017 11:34:34 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC