- From: certainlyNotHeisenberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 05 May 2021 12:24:17 +0000
- To: public-webauthn@w3.org
@Firstyear Got it. I was confused about your distinction between verification and signatures, since of course the verification itself _is_ a signature. But given your edit section, I understand what you mean. Agreed that it's lower hanging fruit to expand the current authentication flow to also accept an optional hash of data (together with a nonce for entropy). I'm all for this. I do still think that arbitrary data signatures are a _far_ more powerful feature however, so I hope that part of the proposal does not get lost. (On memory considerations, yes there would of course be some constraints. The data can't be totally arbitrary. But hopefully these constraints can be made as minimal as possible.) -- GitHub Notification of comment by certainlyNotHeisenberg Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1608#issuecomment-832644961 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 5 May 2021 12:24:19 UTC