Re: [webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes? from Emil Lundberg via GitHub on 2018-05-04 (public-webauthn@w3.org from May 2018)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 04 May 2018 09:11:41 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-386545474-1525425100-sysbot+gh@w3.org>

@christiaanbrand Good catch - the entire last paragraph ("If the promise will return _False_, the client SHOULD wait a fixed period of time [...]") in [§5.1.7][spec] seems unnecessary to me. The method checks for the presence of an _authenticator_, not  a _credential_, so it should be fine to always return immediately. The text also motivates itself with not leaking information when asked to create a credential, which this method doesn't do.

[spec]: https://w3c.github.io/webauthn/#isUserVerifyingPlatformAuthenticatorAvailable

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/575#issuecomment-386545474 using your GitHub account

Received on Friday, 4 May 2018 09:11:45 UTC