Re: [webauthn] Managing FIDO keys (#1612)

Thanks @Kieun!
This though makes testing and development considerably more challenging.

In my own application, I would like to clear any possible earlier key (for the domain of course) for each enrollment as the key may have been deleted at the RP.  This seems like a possible real-world scenario as well.  In an enroll-disenroll-enroll scenario you don't want to confuse the user and you also want to get a freshly attested key.  Keeping a registry of disenrolled keys is usually not an option.  Requiring users to go to platform-specific "settings" does (IMO) only work for experts, which defeats the purpose of FIDO.

Maybe I'm just missing something?  Reading the WebAuthn specs is not for everybody...

-- 
GitHub Notification of comment by cyberphone
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1612#issuecomment-840998842 using your GitHub account


Received on Friday, 14 May 2021 04:30:43 UTC