Re: [webauthn] It would be nice if the definition of "Scoped Credential" said something about what `identifier` and `type` are

>From reading the current text, it seems really clear. The text is here: 

The PublicKeyCredential interface object's [[type]] internal slot's value is the string "public-key".
Note: This is reflected via the type attribute getter inherited from Credential.

type, of type DOMString, readonly 
This attribute’s getter returns the value of the object’s interface object's [[type]] slot, which specifies the kind of credential represented by this object.

The Credential interface object has an internal slot named [[type]], which unsurprisingly contains a string representing the type of the credential. The slot’s value is the empty string unless otherwise specified.
Note: The [[type]] slot’s value will be the same for all credentials implementing a particular interface, which means that developers can rely on obj.type returning a string that unambigiously represents the specific kind of Credential they’re dealing with.

The PublicKeyCredential interface object's [[discovery]] internal slot's value is "remote".
This internal slot contains an identifier for the credential, chosen by the platform with help from the authenticator. This identifier is used to look up credentials for use, and is therefore expected to be globally unique with high probability across all credentials of the same type, across all authenticators. This API does not constrain the format or length of this identifier, except that it must be sufficient for the platform to uniquely select a key. For example, an authenticator without on-board storage may create identifiers containing a credential private key wrapped with a symmetric key that is burned into the authenticator.

GitHub Notification of comment by AngeloKai
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 6 September 2017 19:05:51 UTC