- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Wed, 23 Mar 2022 22:33:10 +0000
- To: public-webauthn@w3.org
> @lgarron It was a little ambiguous to me in the OP, to clarify your ask: you're simply proposing adding a new property `discoverableCredential` to [`AuthenticatorSelectionCriteria`](https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialcreationoptions-authenticatorselection) that is a alias of the existing [`residentKey`](https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-residentkey)? And parsing logic related to `residentKey` would then become "if `residentKey` or `discoverableCredential` are `"required"` then..."? > > If that's so that seems pretty reasonable to me. Assuming such a thing would make it into L3 then maybe in L4 we could deprecate the `residentKey` argument completely 🤔 I have previously asked about a way to specify per-credential selection criteria which was denied by this WG, because an authentication challenge is considered to be targetting a single credential with a narrow credential class, rather than about selecting between criteria for a diverse range of possible authenticators. As a result it's up to the RP to pre-select in a work flow for the user what credential they want to potentially use, including the distinction between rk and not. -- GitHub Notification of comment by Firstyear Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1565#issuecomment-1076886692 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 23 March 2022 22:33:11 UTC