W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] appid extension: value when not acted upon?

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 13 Jun 2018 18:52:10 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-397046828-1528915929-sysbot+gh@w3.org> 
Hm, I hadn't considered that could happen. I'm not sure the spec "allows" for not acting upon extensions that are supported: both [create()][create] and [get()][get] seem to implicitly forbid that by not specifying an algorithm branch where the extension is supported but not acted upon.

[create]: https://w3c.github.io/webauthn/#createCredential
[get]: https://w3c.github.io/webauthn/#getAssertion

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/948#issuecomment-397046828 using your GitHub account
Received on Wednesday, 13 June 2018 18:52:16 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC