- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Thu, 04 May 2023 11:33:08 +0000
- To: public-webauthn@w3.org
Yes, the proposal as currently written would allow that. But presumably, browser implementers would probably agree that it's a bad idea to configure and store a nickname for an external authenticator unless you can store it on that authenticator, for the reasons you describe. Perhaps that is enough, perhaps we'll add an explicit recommendation against it, perhaps there are reasons to do it anyway. But this proposal will also apply to platform authenticators and rich third party passkey provider apps, where that concern doesn't apply, at least not in the same way. None of this is final, though. I expect the details of the proposal will change as people take some more time to think about it and sketch out some implementation scenarios. In particular we'll have to consider how this should work, if at all, for multi-device passkeys. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1880#issuecomment-1534609212 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 4 May 2023 11:33:09 UTC