Re: [webauthn] #getAssertion alg needs to pass authenticator selection requirements to authenticatorGetAssertion operation

Actually it looks intentional to me - [§5.4.4 Authenticator Selection Criteria][spec] reads:

>**requireUserVerification**
>[...] If the parameter is set to true, the authenticator MUST perform user verification when performing the `create()` operation and future §5.1.4 Use an existing credential to make an assertion operations when it is requested to verify the credential.

Note the _and future "make an assertion" operations_.

[spec]: https://w3c.github.io/webauthn/#authenticatorSelection

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/644#issuecomment-339344258 using your GitHub account

Received on Wednesday, 25 October 2017 14:15:35 UTC