- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 11 Jun 2019 17:06:42 +0000
- To: public-webauthn@w3.org
As was discussed on recent WG calls, I think that `isUserVerificationSupported` is really getting at whether the client supports PIN entry - because on-authenticator UV such as a fingerprint scanner requires no special support from the client, and UV on a platform authenticator is supported if and only if `isUVPAA()` returns true. However: suppose we rename `isUserVerificationSupported` to `isPinEntrySupported`. Is that actually useful to the RP? What if the user wants to use a biometric authenticator? Since there's no way for the RP to control whether to use PIN or other UV, won't the RP have to resort to `userVerification: "preferred"/"required"` anyway? -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1219#issuecomment-500935950 using your GitHub account
Received on Tuesday, 11 June 2019 17:06:44 UTC