Re: [webauthn] No way to select an intended authenticator during authentication with attachment info from Emil Lundberg via GitHub on 2017-10-03 (public-webauthn@w3.org from October 2017)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 03 Oct 2017 13:30:44 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-333842210-1507037430-sysbot+gh@w3.org>

Ah yes, section 4.4 is indeed inconsistent as you point out. But doesn't `allowCredentials` already enable these features? Of course that assumes the RP has stored device metadata in the registration ceremony, but the RP would need that metadata anyway in order to verify that the user agent obeys the `authenticatorSelection`.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/583#issuecomment-333842210 using your GitHub account

Received on Tuesday, 3 October 2017 13:30:33 UTC