Re: [webauthn] residentKey: "preferred-if-unlimited"? (#1822)

well it makes sense to have a little bit for both, like there are scenarios where an RK may be required actually like if a Site for some reason kinda depends on the usernameless login, but I think it should be primarily a user choice on most sites especially with how few RKs the most popular brand of FIDO Devices can store being 25.

if every place wants an RK, that gets full fast, and while I really love having an RK on some accounts because it's really nice to have (e.g. Multiple Microsoft 365 accounts to admin stuff and not needing to remember every user name) on other things it would be just dumb.

-- 
GitHub Notification of comment by My1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1822#issuecomment-1309810711 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 10 November 2022 05:53:24 UTC