- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Sat, 23 Sep 2017 05:38:00 +0000
- To: public-webauthn@w3.org
@christiaanbrand >Remember this whole deal is _only_ about resident-credentials. [...] it should explicitly not be present if the keypair is being used as a second factor. >[...] authenticators should never return userid (or any account info for that matter) when a signature was requested using a CredentialID [this means it's being used as a second factor]. Ah, those pieces of context had gone right over my head. In that case it makes sense. Sorry for making a fuss. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/558#issuecomment-331612354 using your GitHub account
Received on Saturday, 23 September 2017 05:37:52 UTC