- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Tue, 29 Oct 2019 22:16:15 +0000
- To: public-webauthn@w3.org
equalsJeffH has just merged agl's pull request 1316 for https://github.com/w3c/webauthn:
== Truncate strings for authenticators where needed. ==
There exist a significant number of authenticators that do not conform
to the current WebAuthn requirements in that they fail requests with
name/displayName strings longer than 64 bytes, rather than truncating
them.
This change adds a new requirement on user-agents that they maintain the
authenticator model for RPs by doing the truncation on their behalf in
this case. The alternative is that each RP will hit this edge-case and
do the truncation itself, thus the ecosystem will never be able to
support longer strings.
Since user-agents may now be doing truncation, this change also permits
truncation at the level of grapheme clusters (since user-agents
presumably have Unicode tables available).
Fixes #1296.
<!--
This comment and the below content is programatically generated.
You may add a comma-separated list of anchors you'd like a
direct link to below (e.g. #idl-serializers, #idl-sequence):
Don't remove this comment or modify anything below this line.
If you don't want a preview generated for this pull request,
just replace the whole of this comment's content by "no preview"
and remove what's below.
-->
***
<a href="https://pr-preview.s3.amazonaws.com/agl/webauthn/pull/1316.html" title="Last updated on Oct 17, 2019, 8:57 PM UTC (e75a6f0)">Preview</a> | <a href="https://pr-preview.s3.amazonaws.com/w3c/webauthn/1316/36fe4ed...agl:e75a6f0.html" title="Last updated on Oct 17, 2019, 8:57 PM UTC (e75a6f0)">Diff</a>
See https://github.com/w3c/webauthn/pull/1316
Received on Tuesday, 29 October 2019 22:16:17 UTC