- From: Shane Weeden via GitHub <sysbot+gh@w3.org>
- Date: Fri, 11 Sep 2020 10:23:17 +0000
- To: public-webauthn@w3.org
I don’t think that it’s clear whether or not Android stores a client side resident key. What is clear is that Chrome on Android doesn’t support assertion with an empty allowCredentials list. Subtle difference I know but an argument could be made that the create operation is still valid. In any case this is something the Google folks are best positioned to answer. Sent from my iPhone > On 11 Sep 2020, at 8:03 pm, Arian van Putten <notifications@github.com> wrote: > > > @sbweeden the cited line was part of L1 too though See step 4 of https://www.w3.org/TR/webauthn/#op-make-cred > > If requireResidentKey is true and the authenticator cannot store a client-side-resident public key credential source, return an error code equivalent to "ConstraintError" and terminate the operation. > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub, or unsubscribe. -- GitHub Notification of comment by sbweeden Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1457#issuecomment-691013409 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 11 September 2020 10:23:18 UTC