W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] PublicKeyCredentialUserEntity difference between name, displayName and id not clear

From: Johan Verrept via GitHub <sysbot+gh@w3.org>
Date: Thu, 12 Oct 2017 09:29:45 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-336073959-1507800570-sysbot+gh@w3.org>
@emlun No. User.id was added by Google and contains a binary lookup key for their user database. It is not human readable and not intended to be. 

As I understand it, Name is supposed to be the login name as used traditionally.  Display Name is just a pretty printing name.

In an authenticator with a display or in the case of multiple accounts in a first factor situation (see CTAP), we need a unique, printable identifier to show to the user that unique identifies this credential (ie, the traditional user name which is instantly recognizable to the user). The displayName could be the pretty printing name of this account.

For example, if a user has multiple accounts on gmail:

    id : "00000001",
    name:  "john.doe.work@gmail.com",
    displayName:  "John Doe",
    id : "00000002",
    name:  "john.doe.private@gmail.com",
    displayName:  "John Doe",

User.id is a relying party specific field that is basically a database lookup field.

None of this is obvious from the current language.

GitHub Notification of comment by jovasco
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/622#issuecomment-336073959 using your GitHub account
Received on Thursday, 12 October 2017 09:29:35 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC