[w3c/webauthn] 8a6dae: Conditional request allowList credential filtering... from Nina Satragno on 2022-10-07 (public-webauthn@w3.org from October 2022)

From: Nina Satragno <noreply@github.com>
Date: Fri, 07 Oct 2022 08:39:33 -0700
To: public-webauthn@w3.org
Message-ID: <w3c/webauthn/push/refs/heads/main/008b97-8a6dae@github.com>

  Branch: refs/heads/main
  Home:   https://github.com/w3c/webauthn
  Commit: 8a6daecd998e3144a4a3e17629919a1c2d110327
      https://github.com/w3c/webauthn/commit/8a6daecd998e3144a4a3e17629919a1c2d110327
  Author: Nina Satragno <nsatragno@gmail.com>
  Date:   2022-10-07 (Fri, 07 Oct 2022)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Conditional request allowList credential filtering (#1810)

Allow filtering credentials during conditional requests by passing an
allowList to navigator.credentials.get. This allows relying parties who
know who the user attempting to authenticate is (e.g. because they
entered their username) to have autofill only show credentials for that
user. See the bug for a description of use-cases.

Fixes #1793

Received on Friday, 7 October 2022 15:39:45 UTC