Re: [webauthn] credentials.get() should have optional parameters for userVerification and userPresence from Emil Lundberg via GitHub on 2017-10-13 (public-webauthn@w3.org from October 2017)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 13 Oct 2017 23:27:40 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-336589810-1507937245-sysbot+gh@w3.org>

All that aside I agree with @akshayku and @idamlaj that optional user presence seems dangerous, but I could be convinced if there's a concrete use case. The one I've heard so far is to enable a "heartbeat" polling mechanism to detect if the user unplugs the authenticator; is that the main one being considered?

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/629#issuecomment-336589810 using your GitHub account

Received on Friday, 13 October 2017 23:27:32 UTC