- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Mon, 04 Apr 2022 23:04:39 +0000
- To: public-webauthn@w3.org
Firstyear has just created a new issue for https://github.com/w3c/webauthn: == Credential Creation Options are inconsistent to Request == In creation there is no way to specify to the user agent which transports we allow, since we only have: https://www.w3.org/TR/webauthn-3/#dictdef-authenticatorselectioncriteria https://www.w3.org/TR/webauthn-3/#enum-attachment Which is limited to platform and cross-platform. This causes the situation to be confusing now with caBLE, where we may or may not want to allow this. During assertion however, we can select this with: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialdescriptor https://www.w3.org/TR/webauthn-3/#enum-transport We should be able to specify allowed transports in registration, the same way we specify them in assertion. I propose that we extend https://www.w3.org/TR/webauthn-3/#dictionary-authenticatorSelection with transports and we deprecate the use of authenticatorAttachment since transports is more expressive, and can express the full state and set of attachment modalities. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1716 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 4 April 2022 23:04:40 UTC