- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Tue, 07 Dec 2021 22:05:12 +0000
- To: public-webauthn@w3.org
equalsJeffH has just created a new issue for https://github.com/w3c/webauthn: == finish removing "create credential" permissions policy cruft == Upon taking a close look at the spec with regards to references to "permissions policy", I've noticed that there remains some cruft with respect to there being a permissions policy with respect to credential creation (i.e., `publickey-credential-create`), which we ostensibly removed via PR #1394. specifically: 1. Section [5.1.3. Create a New Credential - PublicKeyCredential’s [[Create]]() Method](https://www.w3.org/TR/webauthn-3/#sctn-createCredential) continues to have a Note regarding permissions policy (it should not): > Note: Invocation of this internal method indicates that it was allowed by permissions policy, which is evaluated at the [CREDENTIAL-MANAGEMENT-1] level. See § 5.9 Permissions Policy integration. 2. The Note in section [5.9. Permissions Policy integration](https://www.w3.org/TR/webauthn-3/#sctn-permissions-policy) continues to mention `[[DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors)` --- it should not. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1685 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 7 December 2021 22:05:25 UTC