Re: [webauthn] Prevent browsers from deleting "server-side credentials" for the RP (#1569)

One not-so-crazy option would be to recommend that RPs with existing security key user handles generate a second user handle to be used for passwordless registrations (and maybe a third for usernameless registrations, if that's not covered by "passwordless"?). However, this seems like a rather annoying responsibility to heap on RPs when it could be fixed at the spec or browser level.

-- 
GitHub Notification of comment by lgarron
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1569#issuecomment-775649882 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 9 February 2021 04:15:37 UTC