Re: [webauthn] Conflict between WebAuthn and CTAP2 handling of userVerification mapping (#1306)

@ve7jtb Thanks for the info, this is very good to know. Are you by any chance able to provide a rough ETA for a public CTAP 2.1 draft?

With this change, my original proposal is no longer that relevant. The only difference between "authenticator" and "credential" UV scope that remains is that the former can track UV even if it is enabled after a credential has been created for the first time, but in return requires a full reset of the authenticator whenever UV is deactivated. This seems minor enough that I will close the issue for now. Once CTAP 2.1 becomes public, this topic could be revisited.

-- 
GitHub Notification of comment by FabianHenneke
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1306#issuecomment-577593963 using your GitHub account

Received on Thursday, 23 January 2020 09:17:13 UTC