- From: John Bradley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 31 Jul 2020 21:40:16 +0000
- To: public-webauthn@w3.org
Platform authenticators on phones always have UV so you must be talking about roaming authenticators. If there is no pin or uv provisioned then you can make with rk=true and it will work. That is basically the same as uv preferred logic. I think the only change with i) is that you want to treat uv as required if the platform can guide the user to set a pin or uv. If CTAP2 is not supported or it is a U2F key then you have to make a rk=false credential. Another question to consider. If preferred and credential storage is full should the platform try it as rk=true and if it gets a error retry rk=false?. -- GitHub Notification of comment by ve7jtb Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1463#issuecomment-667390327 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 31 July 2020 21:40:17 UTC