Re: [webauthn] Revisit description of userHandle (#1909) from Emil Lundberg via GitHub on 2023-06-28 (public-webauthn@w3.org from June 2023)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 28 Jun 2023 07:40:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1610923749-1687938037-sysbot+gh@w3.org>

> A continuing "issue" with `userHandle` is that it remains non-required even in the draft of L3:

> We can make the spec more clear maybe. But I think "Discoverable Credentials return `userHandle` when `allowedCredentials` is empty" is something that the spec currently (kind of in a round-about way) mandates

See also issue #1892. Thanks @arianvp, looks like we might need to bring the formal authenticatorGetAssertion algorithm more in line with the User Handle description in your quote.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1909#issuecomment-1610923749 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 28 June 2023 07:40:41 UTC