[webauthn] Not clear what to do with cross platform authenticators during make-an-assertion step from Alexei Czeskis via GitHub on 2017-09-18 (public-webauthn@w3.org from September 2017)

From: Alexei Czeskis via GitHub <sysbot+gh@w3.org>
Date: Mon, 18 Sep 2017 22:33:42 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-258641515-1505774011-sysbot+gh@w3.org>

leshi has just created a new issue for https://github.com/w3c/webauthn:

== Not clear what to do with cross platform authenticators during make-an-assertion step ==
The current text in section 4.1.4 step 16 says:

```
16. For each authenticator currently available on this platform, perform the following steps:

  1. Let allowCredentialDescriptorList be a new list.
  2. If options.allowCredentials is not empty, execute a platform-specific procedure to determine 
      which, if any, public key credentials described by options.allowCredentials are bound to this 
      authenticator, by matching with rpId, options.allowCredentials.id, and 
       options.allowCredentials.type. Set allowCredentialDescriptorList to this filtered list.
```

If an authenticator is `xplat` (or cross platform), say an NFC token that only appears once the user taps it, how does that jive with step 16 which says "... currently available on this platform..."?

Also, "...execute a platform-specific procedure..." works for platform authenticators, but not for cross-platform authenticators.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/574 using your GitHub account

Received on Monday, 18 September 2017 22:33:34 UTC