- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Mon, 09 Mar 2020 09:28:05 +0000
- To: public-webauthn@w3.org
You're right that the user handle has much the same function as a credential ID in terms of identifying the user. A big reason why the user handle was added is that the credential ID is created by the authenticator, which makes it undesirable to use it as a database index in some cases. The user handle is instead created by the RP, so using that gives the RP greater control of its database indices. >am unsure how the userHandle attribute should be, as there seems to be some conflicting information @sachaw Would you mind pointing out some of that conflicting information? That seems like something we should get fixed. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1385#issuecomment-596420055 using your GitHub account
Received on Monday, 9 March 2020 09:28:06 UTC