Re: [webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way from Boris Zbarsky via GitHub on 2018-07-06 (public-webauthn@w3.org from July 2018)

From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
Date: Fri, 06 Jul 2018 23:09:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-403167486-1530918567-sysbot+gh@w3.org>

Does the spec actually describe what should happen when the .publicKey dictionary is missing?  As far as I can tell https://w3c.github.io/webauthn/#createCredential asserts it's present in the CredentialCreationOptions, but it's not clear to me what guarantees that, exactly...  It's also not clear to me when the "publicKey" member of CredentialRequestOptions ever gets used.

As long as the spec completely describes behavior when the dictionaries involved are missing, it should be fine as things stand.

-- 
GitHub Notification of comment by bzbarsky
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/750#issuecomment-403167486 using your GitHub account

Received on Friday, 6 July 2018 23:09:31 UTC