@christiaanbrand >Remember this whole deal is _only_ about resident-credentials. [...] it should explicitly not be present if the keypair is being used as a second factor. >[...] authenticators should never return userid (or any account info for that matter) when a signature was requested using a CredentialID [this means it's being used as a second factor]. Ah, those pieces of context had gone right over my head. In that case it makes sense. Sorry for making a fuss. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/558#issuecomment-331612354 using your GitHub accountReceived on Saturday, 23 September 2017 05:37:52 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC