W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2019

Re: [webauthn] Divide Security/Privacy Considerations into subsections by audience? (#1039)

From: Bart via GitHub <sysbot+gh@w3.org>
Date: Sun, 16 Jun 2019 16:40:28 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-502467299-1560703227-sysbot+gh@w3.org>
One thing that confused me for a moment was the disconnect between these sections:
- https://www.w3.org/TR/webauthn/Overview.html#user-verification
- https://www.w3.org/TR/webauthn/Overview.html#sec-biometric-privacy

The biometric section covers only a subset of the user verification section, but it's much more easily found by skimming the table of contents. This may lead a casual reader to wonder whether only biometrics are done locally but a PIN is shared with the RP.

-- 
GitHub Notification of comment by bdewater
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1039#issuecomment-502467299 using your GitHub account
Received on Sunday, 16 June 2019 16:40:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:05 UTC