Re: [webauthn] Add security consideration on detecting non-WebAuthn accounts (#1480) from =JeffH via GitHub on 2020-09-09 (public-webauthn@w3.org from September 2020)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 09 Sep 2020 19:32:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-689771782-1599679957-sysbot+gh@w3.org>

on 2020-09-09 call:  @ve7jtb notes that he's seen articles discussing this means of differentiating accounts to attack based on this approach.
@agl suggests a clarification to apply and @emlun will apply and merge.

-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1480#issuecomment-689771782 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 9 September 2020 19:32:44 UTC