- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Mon, 05 Feb 2018 21:34:16 +0000
- To: public-webauthn@w3.org
By the way I'd also like to note that in the end it falls on the RP to verify any claimed performance certification by inspecting the attestation statement, and not blindly trust the client to do this verification. It is thus not _critical_ to the integrity of the protocol that the client can derive these properties perfectly or even reliably, but it is of course nice if the extension can enable failing early. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/510#issuecomment-363228751 using your GitHub account
Received on Monday, 5 February 2018 21:34:19 UTC