- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 10 Jan 2023 15:27:20 +0000
- To: public-webauthn@w3.org
As I recall, the consensus last time we discussed this on the WG call was that `residentKey: "preferred"` should continue to work as it currently does when storage capacity is not a concern, but it's reasonable to recommend client implementations to be less generous when it is - for CTAP2.0 devices in particular. But that's also why we decided no change is needed in WebAuthn - it's specifically a CTAP2.0 concern, which is beyond the WebAuthn authenticator model and should be handled in CTAP specs/guidelines instead. As is, WebAuthn doesn't even have a concept of authenticator storage _capacity_, only a binary storage _capability_. I'm a bit torn on whether WebAuthn _should_ have such a concept, but I'm still leaning toward calling this out of scope. These are vendor-specific implementation concerns, we shouldn't clutter WebAuthn with them. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1822#issuecomment-1377443100 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 10 January 2023 15:27:22 UTC