- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 13 Mar 2019 16:38:02 +0000
- To: public-webauthn@w3.org
>I can see an argument for the RP to create a credential that can only be used with an allow list. Ah, I hadn't considered that aspect of it, that does make sense. One issue with unsolicited extensions is that RPs that implement the L1 RP operations as written would reject L2 authenticators, so if we want to go down that route it's probably best to try to move this quickly - maybe even issue errata for the L1 RP ops. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/991#issuecomment-472503566 using your GitHub account
Received on Wednesday, 13 March 2019 16:38:04 UTC