Re: [webauthn] Question about platform authenticator (#1540)

A relying party UX can inform the user of what is acceptable, and can refuse things which are not acceptable with a user-displayed error - but the API itself does not provide filtering capabilities for makes and models.

The expectation is that for relying parties which do not have specific security needs (such as a bank, employer, or government agency) that _any_ authenticator the user brings which meets technical requirements is acceptable.

GitHub Notification of comment by dwaite
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Friday, 11 December 2020 05:35:59 UTC