W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2018

Re: [webauthn] Authenticators that do not recognize any handles shouldn't just be dropped on the floor

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Apr 2018 08:42:23 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-384208877-1524645742-sysbot+gh@w3.org>
>rigorous user study, right??

It's definitely better than my pure speculation, at least. :smile:

>Regarding platform authenticators, Chrome does intend to have a dialog to notify the user (and not call down to the platform authenticator, so as to prevent OS popups), after which Chrome will return to the RP.

I don't quite understand what you mean by that - notify the user about what? In the scenario where a laptop has a platform authenticator built in and `navigator.credentials.get()` is called with `allowCredentials: [{ id: "foo" }]`, where `foo` is on a currently disconnected USB key, what would Chrome do?

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/863#issuecomment-384208877 using your GitHub account
Received on Wednesday, 25 April 2018 08:42:26 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC