I would be OK with a) explicitly mentioning per-credential signature counters. This is NOT a breaking change IMHO as it would not affect the browser, the server or existing authenticators. New authenticator could implement that scheme if they want. I would also argue that implementing that is not explicitly disallowed today. b) recommend ("should...") implementation of per-credential signature counters. -- GitHub Notification of comment by rlin1 Please view or discuss this issue at https://github.com/w3c/webauthn/issues/871#issuecomment-384377956 using your GitHub accountReceived on Wednesday, 25 April 2018 17:57:36 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC