Re: [webauthn] Define Public Key Credential Source and Credential ID.

@mikewest That's right, and now that I'm thinking about this again, I'm not sure why I was generally positive on @rlin1's suggested naming (although I still don't hate it). We (Mike and I) talked about this during the merge, and decided that we should use the short name ("Credential") for the concept that's actually used by Javascript. Using `Assertion` in Javascript is probably not ok, since there can be other kinds of assertions, and using `CredentialAssertion` in JS when JS never sees `Credential` is kinda confusing.

I won't be at the WebAuthn meeting Wednesday, but I'd appreciate if the group could develop an opinion about the naming choices and report back. The choices so far are, for the capability/proof-of-possession/verifier:

1. My "Credential Source"/"Credential"/"Credential Verifier"
2. @rlin1's "Credential"/"Credential Assertion"/"Credential Verifier"

We *could* also use the "Credential Assertion" terminology in WebAuthn, but still call the type `Credential` in Javascript, although that might be confusing.

@nadalin I'm not sure what changes in here look breaking. This patch is just a bunch of definitions. Renaming the `Credential` type is breaking, but that's not proposed yet.

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/620#issuecomment-337455260 using your GitHub account

Received on Wednesday, 18 October 2017 04:10:32 UTC