- From: Tim Cappalli via GitHub <sysbot+gh@w3.org>
- Date: Tue, 01 Aug 2023 20:15:11 +0000
- To: public-webauthn@w3.org
timcappalli has just created a new issue for https://github.com/w3c/webauthn: == Remove isPPAA() and expand getClientCapabilities() == This issue is a summary of a few PRs to consolidate discussion and provide meta context. There has been much discussion about the pending `getClientCapabilities()` method and the merged `isPasskeyPlatformAuthenticatorAvailable()` method, and whether they are both needed. The original context for `isPasskeyPlatformAuthenticatorAvailable()` is that the many basic RP developers need the ability to detect whether than can offer passkeys to users. Today, only isUVPAA() is available, which can be misleading as there are WebAuthn clients that do not have a local passkey authenticator, but support hybrid transport for interacting with a remote passkey authenticator (such as a phone or tablet). After introducing `getClientCapabilitities()`, there were concerns about introducing duplicate detection methods in the same release. So, the latest update to #1932 ([6931dad](https://github.com/w3c/webauthn/pull/1923/commits/6931dadd4595cd2238398a56e0eea1a73ce6978a)) changes from an enum to a dict, and adds additional capabilities, including `passkeyPlatformAuthenticator`. This removes the need for the standalone `isPasskeyPlatformAuthenticatorAvailable()` method and PR #1936 removes it. Many developers will be able to rely on `getClientCapabilities()` by itself to drive their registration and sign in experiences. Based on all the feedback, both from the WG and the developer community, I think this meets everyone halfway. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1937 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 1 August 2023 20:15:13 UTC