Why can this not be *required* for all resident-credential FIDO2 authenticators? Remember this whole deal is *only* about resident-credentials. If it's a U2F-type authenticator (even in FIDO2 land) none of this stuff is required. As Jeffrey mentioned yesterday, it should *explicitly* not be present if the keypair is being used as a second factor. -- GitHub Notification of comment by christiaanbrand Please view or discuss this issue at https://github.com/w3c/webauthn/pull/558#issuecomment-331535523 using your GitHub accountReceived on Friday, 22 September 2017 19:10:53 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC