- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 23 May 2018 13:17:14 +0000
- To: public-webauthn@w3.org
@agl Sorry, you're right - credential existence is only revealed if some algorithm path results in immediate response to the RP. If all paths lead to a user prompt, there should be no issue. I retract my objection. >Do you mean that it could be merged with the subsequent case because the actions are almost identical? Yes, I mean to either merge them or somehow say that "If the user exercises a user-interface option to cancel the process" is just another way to set the abort signal. I was imagining that as the "obvious" way for the browser would implement it, but I'll admit I don't really know how those signals work or are usually used. But it might be worthwhile to mention that explicitly, and I see how doing both in the subsequent case would probably be clumsy. If there's a good way to cover both with the same case then that would be preferable, but I'm fine either way. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/906#issuecomment-391342841 using your GitHub account
Received on Wednesday, 23 May 2018 13:17:22 UTC