Re: [webauthn] Discussing mechanisms for enterprise RP's to enforce bound properties of credentials (#1739)

> > If multi-device credentials (more specifically those backed up to a user's platform-provider cloud account) are not able to be excluded by RP policy during credential creation, the spec is essentially dictating that all RPs must figure out a way to make them acceptable (otherwise you have the undesirable fail-after-register UX)
> 
> I think this is still an inevitability. At most, we can provide a UX to hint to the client to try to optimize this, but the client may not understand that hint (or have appropriate UX to represent it to the user)
> 

By being able to send a UX hint, the credential shouldn't even be listed for the user to select in the ceremony, meaning that they are guided to a valid credential that can be used.

The alternative is they perform the whole ceremony then are dropped to an error screen that tries to explain why it failed. Which is much harder to communicate. 

-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1739#issuecomment-1170613178 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 30 June 2022 00:14:14 UTC
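The "fail-after-register" path the comment describes is what an RP is left with today when no creation-time hint excludes multi-device credentials: the ceremony completes, and the RP inspects the backup flags in the returned authenticator data and rejects the credential after the fact. The following is an added illustration written for this page, not code from the webauthn spec or from any participant in the thread. It assumes the WebAuthn Level 3 authenticator-data layout (flags in byte 32, BE = 0x08, BS = 0x10) and uses a constructed 37-byte authData rather than a real authenticator response; the function and policy names are hypothetical.

```javascript
// Added example: relying-party-side parsing of the WebAuthn authenticator
// data flags and a registration policy that rejects backup-eligible
// (multi-device) credentials. Not from the spec or the thread.
// Assumption: WebAuthn L3 flag layout in byte 32 of authData.
const FLAG_UP = 0x01; // user present
const FLAG_UV = 0x04; // user verified
const FLAG_BE = 0x08; // backup eligible: this is a multi-device credential
const FLAG_BS = 0x10; // backup state: currently backed up
const FLAG_AT = 0x40; // attested credential data follows
const FLAG_ED = 0x80; // extension data follows

// Parse the fixed 37-byte prefix: rpIdHash(32) | flags(1) | signCount(4, big-endian).
function parseAuthData(authData) {
  if (!(authData instanceof Uint8Array) || authData.length < 37) {
    throw new Error("authenticator data too short");
  }
  const flags = authData[32];
  const signCount =
    ((authData[33] << 24) | (authData[34] << 16) | (authData[35] << 8) | authData[36]) >>> 0;
  return {
    rpIdHash: authData.slice(0, 32),
    userPresent: Boolean(flags & FLAG_UP),
    userVerified: Boolean(flags & FLAG_UV),
    backupEligible: Boolean(flags & FLAG_BE),
    backedUp: Boolean(flags & FLAG_BS),
    attestedCredentialData: Boolean(flags & FLAG_AT),
    extensionData: Boolean(flags & FLAG_ED),
    signCount,
  };
}

// Hypothetical enterprise registration policy. With allowBackupEligible=false
// (the default here) any BE=1 credential is rejected, which is exactly the
// post-ceremony failure the thread wants a creation-time hint to avoid.
// BS=1 with BE=0 is an invalid combination in the L3 flag table and is
// rejected regardless of policy.
function evaluateRegistrationPolicy(parsed, policy = { allowBackupEligible: false }) {
  if (parsed.backedUp && !parsed.backupEligible) {
    return { accepted: false, reason: "invalid flags: BS set without BE" };
  }
  if (!parsed.userPresent) {
    return { accepted: false, reason: "user presence not asserted" };
  }
  if (!parsed.attestedCredentialData) {
    return { accepted: false, reason: "registration response lacks attested credential data" };
  }
  if (!policy.allowBackupEligible && parsed.backupEligible) {
    return { accepted: false, reason: "multi-device (backup eligible) credentials are not permitted" };
  }
  return { accepted: true, reason: "ok" };
}

// Constructed sample input: an all-zero rpIdHash, the given flags byte and
// the given sign count. Real authData would carry a SHA-256 of the RP ID and,
// when AT is set, the attested credential data after byte 36.
function makeAuthData(flags, signCount = 0) {
  const a = new Uint8Array(37);
  a[32] = flags;
  a[33] = (signCount >>> 24) & 0xff;
  a[34] = (signCount >>> 16) & 0xff;
  a[35] = (signCount >>> 8) & 0xff;
  a[36] = signCount & 0xff;
  return a;
}

// Stand-alone demonstration: a synced passkey (BE=1, BS=1) is rejected by the
// default policy, a device-bound credential (BE=0) is accepted.
const synced = parseAuthData(makeAuthData(FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS | FLAG_AT));
const bound = parseAuthData(makeAuthData(FLAG_UP | FLAG_UV | FLAG_AT, 7));
console.log(evaluateRegistrationPolicy(synced));
console.log(evaluateRegistrationPolicy(bound));
```

The point of running this only after `navigator.credentials.create()` has returned is the UX problem the comment raises: the user has already touched the authenticator or unlocked their passkey provider, and only then does the RP tell them the credential is unacceptable. A creation-time hint that keeps backup-eligible credentials out of the picker would let the RP avoid this branch entirely; the server-side check would remain as defence in depth for clients that ignore the hint.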