- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Wed, 07 Aug 2019 19:53:46 +0000
- To: public-webauthn@w3.org
discussion on 2019-08-07 call: * @agl argues that restricting the user to registering platform authnrs is not wise in that platform authnrs intended use case is essentially local re-authn, not initial sign-in when there is no ambient cred(s) present. * @akshayku notes that an RP _is able_ to do platform authnr-only, given how this all works.... * @agl notes that perhaps we give users the ability to override the RPs desires and let them register roaming/external authnr in any case * @akshayku notes that msft allows users to register either platform or external (?) * @ve7jtb notes that the restrict-to-platform-RK use case is not very user-friendly and users ought to be provided more fallback opportunities eg using a roaming authnr instead today's bottom line: we need to learn more as go along here and revisit this down the road.... -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1267#issuecomment-519245224 using your GitHub account
Received on Wednesday, 7 August 2019 19:53:47 UTC