- From: Shane Weeden via GitHub <sysbot+gh@w3.org>
- Date: Wed, 11 Jul 2018 13:58:21 +0000
- To: public-webauthn@w3.org
Understood. Essentially this defers acceptance criteria to RP policy, which means choices or configuration of whitelist/blacklist of key types/algorithms, leading to potential interoperability challenges. Perhaps if the spec just indicated that the acceptability of a particular key type and subsequent signature validation algorithm is at the discretion of the RP that would at least explain the intent to would-be implementors who read it later. -- GitHub Notification of comment by sbweeden Please view or discuss this issue at https://github.com/w3c/webauthn/issues/981#issuecomment-404179370 using your GitHub account
Received on Wednesday, 11 July 2018 13:58:32 UTC