Re: [webauthn] Variable reference issue in DPK processing rules (#1817) from Shane Weeden via GitHub on 2022-10-19 (public-webauthn@w3.org from October 2022)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Wed, 19 Oct 2022 02:16:44 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1283295432-1666145802-sysbot+gh@w3.org>

Let's discuss in next regular WebAuthn call. Personally I can't understand why an RP would ever use the client extension output as authoritative for this data given its not signed, whereas the copy within the authData is signed.

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1817#issuecomment-1283295432 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 19 October 2022 02:16:45 UTC