W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] Allow clients to stop the `get` flow when certain conditions are met

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Fri, 08 Jun 2018 18:57:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-395856738-1528484258-sysbot+gh@w3.org>
ah, hm, we seem to have some terminology vagueness here.

[platform credential](https://w3c.github.io/webauthn/#platform-credential) is defined as  being a "A public key credential bound to a platform authenticator".  per issue #462 it seems that "bound" is being used equivalently to "managed by". I argue that the latter term is more descriptive of the relationship, because, apparently, a given platform authenticator mey manage its credentials as [client-side](https://w3c.github.io/webauthn/#client-side)-resident [public key credential sources](https://w3c.github.io/webauthn/#public-key-credential-source), and another platform authenticator may manage its creds as server-side-resident [public key credential sources](https://w3c.github.io/webauthn/#client-side).

I've updated issue #358 to suggest replacing [Client-side-resident Credential Private Key](https://w3c.github.io/webauthn/#client-side-resident-credential-private-key) with a "Client-side-resident [Credential Public Key Source](https://w3c.github.io/webauthn/#public-key-credential-source)" term with "resident credential" as the abbreviated form.

we ought to define "client-side-resident" and "server-side-resident", see issue #462 

GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/905#issuecomment-395856738 using your GitHub account
Received on Friday, 8 June 2018 18:57:42 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC