Re: [webauthn] Backup state of credentials (#1692)

We changed level 2 to allow unsolicited.
That is not to say that there won't be a pile of existing RP's with code that might be based on Level 1 that might reject assertions with unknown extensions.

Flags are less likely to break existing RP and don't require additional bits to be sent in both the request and response that an extension would.

I could live with it as an extension but think using the bit flags is cleaner.

GitHub Notification of comment by ve7jtb
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Wednesday, 26 January 2022 17:03:15 UTC