W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] RP guidelines should allow RP to not check attestation

From: Angelo Liao via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Oct 2017 18:54:09 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-339434017-1508957648-sysbot+gh@w3.org>
It's a good idea to not have the MUST keyword in the RP verification description, I don't believe we can ever impose conformance requirement to RPs. That is beyond the control of anyone. Although FIDO has certified servers, that is purely FIDO's business not W3C's. 

Overall the issue is editorial. I am assigning the issue to CR time for clarification. 

@equalsJeffH @nadalin @YubicoDemo for tracking. 

GitHub Notification of comment by AngeloKai
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/576#issuecomment-339434017 using your GitHub account
Received on Wednesday, 25 October 2017 18:54:11 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:29 UTC