W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2021

Re: [webauthn] Note to encourage storage of registered credential details (#1556)

From: Firstyear via GitHub <sysbot+gh@w3.org>
Date: Mon, 08 Feb 2021 03:30:21 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-774841396-1612755020-sysbot+gh@w3.org>

> So there's at least something out in the wild taking an opinionated stance on what information out of an attestation is/might be useful for future-proofing an RP as utilization of WebAuthn grows and the spec evolves.
> 

I think this is a good summary of it. Webauthn does not exist in a vacuum, it will be used in a variety of new and different scenarios and methods. Having the standard correctly show what can and can not be used to develop security and account policy in various ways will help to ensure that implementors are "holding it correctly". 

-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1556#issuecomment-774841396 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 8 February 2021 03:30:23 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:42 UTC