Re: [webauthn] Plumb User ID through

Sure. But only the actual RP will get it back, and if you have the credential ID (and can masquerade as the RP) you already have the corresponding account, right? Do we really need to limit this?

-- 
GitHub Notification of comment by christiaanbrand
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/558#issuecomment-330924503 using your GitHub account

Received on Wednesday, 20 September 2017 17:33:48 UTC