Re: [webauthn] Emphasise that the CollectedClientData can be extended.

Good idea. Should we add the same note to the other interfaces sent back to the RP (`PublicKeyCredential`, `AuthenticatorAttestationResponse` and `AuthenticatorAssertionResponse`)? Yubico's prototype server has so far gone with rejecting any response structure containing unknown keys anywhere (and yes, Chrome's `new_keys_may_be_added_here` caught that).

GitHub Notification of comment by emlun
Please view or discuss this issue at using your GitHub account

Received on Friday, 2 March 2018 10:44:13 UTC