[webauthn] Does AuthenticationExtensionsClientOutputs key have to be extension identifier or not? (#1430) from Yoshikazu Nojima via GitHub on 2020-05-30 (public-webauthn@w3.org from May 2020)

From: Yoshikazu Nojima via GitHub <sysbot+gh@w3.org>
Date: Sat, 30 May 2020 12:08:03 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-627718095-1590840482-sysbot+gh@w3.org>

ynojima has just created a new issue for https://github.com/w3c/webauthn:

== Does AuthenticationExtensionsClientOutputs key have to be extension identifier or not? ==
In section 9.3(https://w3c.github.io/webauthn/#sctn-extension-request-parameters), it is stated that 

> The entry key is the extension identifier

But Credential Protection extension defined in CTAP2.1, whose extension identifier is `credProtect`, has following definition. Its key doesn't match the extention identifier and moreover, it has two keys.
```
partial dictionary AuthenticationExtensionsClientInputs {
  USVString credentialProtectionPolicy;
  boolean enforceCredentialProtectionPolicy = false;
};
```

Does the extension definision have to be updated? or Is the extension key naming rule to be relaxed?



Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1430 using your GitHub account

Received on Saturday, 30 May 2020 12:08:05 UTC