Re: [webauthn] New platform authenticators are making discoverable credentials regardless of residentKey=false passed to Create() (#1457) from Arian van Putten via GitHub on 2020-09-11 (public-webauthn@w3.org from September 2020)

From: Arian van Putten via GitHub <sysbot+gh@w3.org>
Date: Fri, 11 Sep 2020 10:03:34 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-690998960-1599818613-sysbot+gh@w3.org>

@sbweeden the cited line was part of L1 too though  See step 4 of https://www.w3.org/TR/webauthn/#op-make-cred

> If requireResidentKey is true and the authenticator cannot store a client-side-resident public key credential source, return an error code equivalent to "ConstraintError" and terminate the operation.




-- 
GitHub Notification of comment by arianvp
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1457#issuecomment-690998960 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 11 September 2020 10:05:17 UTC