W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2021

Re: [webauthn] Making PublicKeyCredentialDescriptor.transports mandatory (#1522)

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Wed, 06 Jan 2021 22:06:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-755742438-1609970802-sysbot+gh@w3.org>
From the call of 2020-01-06, the group doesn't believe that a change should be made here.

Browsers do not always know the transports supported by an authenticator. Making the transports field mandatory would only cause them to either have to fail such requests or to make something up. It's already the case that browsers pass on the information that they do have and changing the spec doesn't look like it it would result in RPs getting any more (accurate) data. There could be specific issues with some browsers but those are more usefully considered as browser bugs.

Also, RPs would still need to handle the case where the transports parameter was not provided because L1 clients would still be able to omit it.

So, while we agree that browsers should always pass on transports information when available, we don't think that making the field mandatory in the IDL would further that goal.

GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1522#issuecomment-755742438 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 6 January 2021 22:06:45 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:42 UTC