- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 31 Oct 2017 12:21:31 +0000
- To: public-webauthn@w3.org
Do you mean "why SHOULD and not MUST"? If so: yes, it'll probably be the login name in most cases, but there's no reason to require (nor a way to enforce) that the RP uses it for that. As I understand it the intended use for it is primarily as a recognizable identifier to help the user choose a credential when an authenticator contains multiple first factor credentials with the same `displayName`, but I can't seem to find where I got that from. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/666#issuecomment-340745729 using your GitHub account
Received on Tuesday, 31 October 2017 12:21:34 UTC