Re: [webauthn] Better specify what an unknown type credential descriptor being ignored means (#1748) from Nina Satragno via GitHub on 2022-06-21 (public-webauthn@w3.org from June 2022)

From: Nina Satragno via GitHub <sysbot+gh@w3.org>
Date: Tue, 21 Jun 2022 15:15:57 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1161901967-1655824553-sysbot+gh@w3.org>

> I also think that similar to https://github.com/w3c/webauthn/issues/1738, ignoring unknown values is needed for forward compatibility.

Yes, this came up when fixing that issue on chrome.

> Maybe we can change the requirement to be that "[client platforms](https://w3c.github.io/webauthn/#client-platform) MUST ignore any [PublicKeyCredentialDescriptor](https://w3c.github.io/webauthn/#dictdef-publickeycredentialdescriptor) with an unknown [type](https://w3c.github.io/webauthn/#dom-publickeycredentialdescriptor-type), treating the item as if it was not present" but if this results in an empty allowCredentials, then throw an error?

Agreed.

-- 
GitHub Notification of comment by nsatragno
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1748#issuecomment-1161901967 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 21 June 2022 15:15:58 UTC