Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries from Akshay Kumar via GitHub on 2018-07-11 (public-webauthn@w3.org from July 2018)

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 11 Jul 2018 00:00:42 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-404002629-1531267241-sysbot+gh@w3.org>

Authenticators don't need to deal with Unicode character boundaries and should do only byte length checks. Platforms can probably do the Unicode checks before sending it to the client. As a general principle for next level, IMO, we should be very careful of increasing complexity from the authenticator side.

-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/973#issuecomment-404002629 using your GitHub account

Received on Wednesday, 11 July 2018 00:00:47 UTC