- From: Alexei Czeskis via GitHub <sysbot+gh@w3.org>
- Date: Mon, 18 Sep 2017 22:33:42 +0000
- To: public-webauthn@w3.org
leshi has just created a new issue for https://github.com/w3c/webauthn: == Not clear what to do with cross platform authenticators during make-an-assertion step == The current text in section 4.1.4 step 16 says: ``` 16. For each authenticator currently available on this platform, perform the following steps: 1. Let allowCredentialDescriptorList be a new list. 2. If options.allowCredentials is not empty, execute a platform-specific procedure to determine which, if any, public key credentials described by options.allowCredentials are bound to this authenticator, by matching with rpId, options.allowCredentials.id, and options.allowCredentials.type. Set allowCredentialDescriptorList to this filtered list. ``` If an authenticator is `xplat` (or cross platform), say an NFC token that only appears once the user taps it, how does that jive with step 16 which says "... currently available on this platform..."? Also, "...execute a platform-specific procedure..." works for platform authenticators, but not for cross-platform authenticators. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/574 using your GitHub account
Received on Monday, 18 September 2017 22:33:34 UTC