- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Fri, 07 Sep 2018 21:00:38 +0000
- To: public-webauthn@w3.org
>revealing this data only post authentication is a substantial mitigation. To be precise, it doesn't look to me like that's what's being proposed. I'm guessing that what @jcjones meant by >[...] this mechanism [...] is only available after the user explicitly intervenes w/ the authentication ceremony is that it only happens after the user confirms consent to proceed with the _registration_ operation. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1050#issuecomment-419564519 using your GitHub account
Received on Friday, 7 September 2018 21:00:39 UTC