W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2021

Re: [webauthn] mmiller-improve-terminology-and-progression (#1615)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Mon, 24 May 2021 22:13:48 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-847386475-1621894426-sysbot+gh@w3.org>
> * Many items are UX hints, but are expressed with language that make them seem like requirements or policy

Mind opening an issue specifically pointing these out?

> * 'discoverable credentials' 'resident keys' are very confusing terms which really should be "Ephemeral Key-Wrapped Keys" and "Persistent Private Key".

The term "discoverable credential" was introduced specifically to decouple the discoverability property from the storage implementation, especially as with the CTAP2 `credProtect` extension it is now possible to have a "persistent private key" that is nevertheless not discoverable without naming it by credential ID.

> * Confusing terms like this, lead to even more confusing items like "storage modality" that only serve to add more confusion

...that said, I can agree that the whole "Authenticator taxonomy" section has felt a little iffy ever since it was added. I'd be happy to take another pass at it and maybe eliminate some of this not-all-that-useful terminology, unless it's too late to get rid of it now. But I suspect most of those terms aren't really used outside the spec (unlike "resident key" for example).

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1615#issuecomment-847386475 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 24 May 2021 22:13:50 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC