W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2018

Re: [webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 04 Oct 2018 10:43:04 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-426970949-1538649783-sysbot+gh@w3.org>
>The spec needs to define what happens when the `publicKey` member is not present. [...] I _think_ the idea is to not call the relevant #createCredential at all if the corresponding member is not present in `CredentialCreationOptions`

Yes, I think that behaviour is implied by the CredMan spec (see https://github.com/w3c/webauthn/issues/750#issuecomment-403434610 and the subsequent few comments), so I don't think we really need to do much more here. As far as I can tell, the one thing we _do_ need to figure out in order to integrate correctly with CredMan on this is to align the `"public-key"` type value and the `publicKey` member name.

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/750#issuecomment-426970949 using your GitHub account
Received on Thursday, 4 October 2018 10:43:06 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:35 UTC