- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Thu, 12 Oct 2017 11:32:23 +0000
- To: public-webauthn@w3.org
I'll answer myself again: What prevents the attacker is the assumption that the authenticator will verify the user's identity before giving up the stored account info. Context: #558 -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/622#issuecomment-336100503 using your GitHub account
Received on Thursday, 12 October 2017 11:32:14 UTC