Re: [webauthn] Refer to options for the user verification check (#1718)

I'm sorry we let you down @infinisil. Opening issues for things I didn't understand was how I, too, got involved with the WG, and I want that opportunity to be open to you too.

As we've said, we think the language proposed here is too specific, but your and @Firstyear's input have given me some other ideas for how we could improve this. I've outlined some of these thoughts in https://github.com/w3c/webauthn/issues/1510#issuecomment-1151576857. In principle I wouldn't mind some help drafting it, but it will likely also tie into #1556 and #1740 - these all relate to and/or would benefit from a more formalized representation of a "credential record" on the server side - so it's going to be a bit tricky to get it all to fit together and to work within Bikeshed. But you (and @Firstyear) are welcome to give it a try if you want, though I understand if you feel disheartened. I've pushed some half-baked thoughs on a [branch in my fork](https://github.com/emlun/webauthn/tree/wip/credential-record) where you can at least see the general direction I'm going with some of it. But note that it's all very experimental, perhaps none of it will make it into the spec in the end.


-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1718#issuecomment-1154569999 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 14 June 2022 00:12:14 UTC