Re: [webauthn] Better specify what an unknown type credential descriptor being ignored means (#1748)

> I also think that similar to https://github.com/w3c/webauthn/issues/1738, ignoring unknown values is needed for forward compatibility.

Yes, this came up when fixing that issue on chrome.

> Maybe we can change the requirement to be that "[client platforms](https://w3c.github.io/webauthn/#client-platform) MUST ignore any [PublicKeyCredentialDescriptor](https://w3c.github.io/webauthn/#dictdef-publickeycredentialdescriptor) with an unknown [type](https://w3c.github.io/webauthn/#dom-publickeycredentialdescriptor-type), treating the item as if it was not present" but if this results in an empty allowCredentials, then throw an error?

Agreed.

-- 
GitHub Notification of comment by nsatragno
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1748#issuecomment-1161901967 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 21 June 2022 15:15:58 UTC