- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Tue, 27 Jun 2023 10:36:27 +0000
- To: public-webauthn@w3.org
> The more I think about it, the more I like what we already have in the L3 draft, with the possible addition of the description that the userHandle also allows the authenticator to recognize when to replace a discoverable credential during creation. This is also mentioned in the [User Handle definition](https://w3c.github.io/webauthn/#user-handle): >[...] >[Authenticators](https://w3c.github.io/webauthn/#authenticator) [map](https://w3c.github.io/webauthn/#authenticator-credentials-map) pairs of [RP ID](https://w3c.github.io/webauthn/#rp-id) and [user handle](https://w3c.github.io/webauthn/#user-handle) to [public key credential sources](https://w3c.github.io/webauthn/#public-key-credential-source). As a consequence, an authenticator will store at most one [discoverable credential](https://w3c.github.io/webauthn/#discoverable-credential) per [user handle](https://w3c.github.io/webauthn/#user-handle) per [Relying Party](https://w3c.github.io/webauthn/#relying-party). >[...] Should we make that clearer or more prominent? -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1909#issuecomment-1609241635 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 27 June 2023 10:36:29 UTC