> are you saying that the current validation rule of ignoring the counter if the current value is 0 and the previous value is unset or 0 is fine? I don't believe that I've heard anyone mention anything that would conflict with that. > I think actually using time_t would defeat the purpose of the anti cloning Absolutely. You might as well just disable the counter and save yourself the bother of a clock. -- GitHub Notification of comment by agl Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-328297124 using your GitHub accountReceived on Saturday, 9 September 2017 19:01:58 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC