- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Wed, 06 Jul 2022 07:06:46 +0000
- To: public-webauthn@w3.org
Because these become baked into the credential in a way that may never change, this can have impacts on individuals when they need to change their name (think divorce, leaving domestic violence). Additionally it may also have privacy disclosure impacts on individuals as well. The user id and handle ARE transmitted during authentication for discoverable credentials (usernameless flows). However the displayName field *can* be changed post credential creation which is why these can contain info that the client side can update, and this displayname is NOT tranmitted during auth. -- GitHub Notification of comment by Firstyear Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1763#issuecomment-1175859156 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 6 July 2022 07:06:48 UTC