- From: Firstyear via GitHub <sysbot+gh@w3.org>
- Date: Thu, 12 Jan 2023 00:59:16 +0000
- To: public-webauthn@w3.org
> RPs can still give users the option to "Add a security key" in the user profile with different parameters (e.g., `attachment: cross-platform`, `rk: preferred`), resulting in a credential that must be used in different flows than passkeys, i.e. always requiring a username first. And if rk: preferred actually meant something different we could have a single way to register security keys and passkeys, and then based on cred props the RP could decide if they can offer the condition ui flow or username is needed. Which is a very nice experience for the user, and easier for RP's but it would require us to actually change something in the spec. Instead currently we are relying on RP's to have a very detailed and subtle insight into all these operations and then make multiple user facing work flows to accomodate. I can tell you now, most RP's won't be doing this. -- GitHub Notification of comment by Firstyear Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1822#issuecomment-1379673931 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 12 January 2023 00:59:18 UTC