Re: [webauthn] Revisit description of userHandle (#1909) from Emil Lundberg via GitHub on 2023-06-27 (public-webauthn@w3.org from June 2023)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 27 Jun 2023 10:36:17 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1609241407-1687862175-sysbot+gh@w3.org>

> Why _should_ the userHandle be passed back to the RP during assertion flows? What practical/valuable purpose does that serve?

I asked the same question back when this was introduced: https://github.com/w3c/webauthn/pull/558#issuecomment-329753114 and that is also where I first heard the argument I now relayed to @sbweeden: https://github.com/w3c/webauthn/pull/558#issuecomment-330317134

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1909#issuecomment-1609241407 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 27 June 2023 10:36:19 UTC