Re: [webauthn] Credential Creation Options are inconsistent to Request (#1716) from Adam Langley via GitHub on 2022-04-05 (public-webauthn@w3.org from April 2022)

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Tue, 05 Apr 2022 23:19:04 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1089509460-1649200743-sysbot+gh@w3.org>

In an enterprise context, it's valid for the RP to have opinions about which authenticators are acceptable and there are (implemented) accommodations like enterprise attestation. But crafting those opinions in terms of transports isn't what RPs are asking for, at least not when they're asking me. Something like authSel, enabled only for RPs configured via enterprise policies, seems much closer to the mark. But that's about implementation, not spec, so it's something you have to bother the vendors about.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1716#issuecomment-1089509460 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 5 April 2022 23:19:06 UTC