nsatragno has just created a new issue for https://github.com/w3c/webauthn: == `credentials.create` should fail with "NotSupportedError" if `options.pubKeyCredParams` is empty == On `[[Create]]` method, step 9: > if credTypesAndPubKeyAlgs is empty and options.pubKeyCredParams is not empty, return a DOMException whose name is "NotSupportedError", and terminate this algorithm. "NotSupportedError" should be returned if `credTypesAndPubKeyAlgs` is empty regardless of whether `options.pubKeyCredParams` is empty or not. This is because an empty list will fail when sent to authenticators anyway (step 2 of the authenticatorMakeCredential operation), so there is no point in sending the empty list. At the moment chrome is immediately throwing `NotSupportedError` (which doesn't match the spec, it should wait for the user to tap an authenticator and return `NotAllowedError` instead) and firefox is defaulting to `{ type: "public-key", alg: -7 }` Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1383 using your GitHub accountReceived on Thursday, 5 March 2020 16:52:42 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:40 UTC