- From: Evan Heaton via GitHub <sysbot+gh@w3.org>
- Date: Tue, 07 Apr 2020 17:12:17 +0000
- To: public-webauthn@w3.org
Even in the case of resident keys, won't the authenticator return the selected user handle alongside the assertion? Then, based on that received user handle the RP could look up just the credentials for that user, find the match for credentialId (since it would be unique within the scope of that user), and continue with the assertion verification. -- GitHub Notification of comment by epheat Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1403#issuecomment-610511460 using your GitHub account
Received on Tuesday, 7 April 2020 17:12:20 UTC