- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Wed, 19 Aug 2020 16:30:38 +0000
- To: public-webauthn@w3.org
agl has just submitted a new pull request for https://github.com/w3c/webauthn: == Make largeBlobs explicit during create. == Once largeBlobKey (at CTAP2) became something that the authenticator could derive I had hoped that we could simplify the WebAuthn level extension and not have a creation extension. Instead, user agents could just always create a largeBlobKey in contexts where the extension could be used. However 100% (i.e. both) people who have looked at this now though that was non-obvious and so it's probably Too Cute and should be More Explicit. Also, it's been suggested that it would be a waste of a resident credential if the RP needed to store a blob and only found out after at assertion time that it wouldn't work. See https://github.com/w3c/webauthn/pull/1470 -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 19 August 2020 16:30:40 UTC