- From: Matthew Miller via GitHub <sysbot+gh@w3.org>
- Date: Fri, 13 Oct 2023 18:11:25 +0000
- To: public-webauthn@w3.org
> I think the [Add Credential](https://w3c.github.io/webauthn/#sctn-automation-add-credential) API call would be the be more appropriate place for these, but I agree otherwise. I honestly agree with you, as `be` and `bs` are definitely credential properties vs authenticator properties. However the current means of manipulating flags in `authData` are centralized in the Add Virtual Authenticator API call as `isUserConsenting` and `isUserVerified` so that's why I suggested the authenticator API instead... Actually no, now I agree 100%, the means of specifying `be` and `bs` for a credential **should** be on Add Credential. > ...the caller can "update" bs by first calling [Remove Credential](https://w3c.github.io/webauthn/#sctn-automation-remove-credential) and then calling Add Credential with the new bs value. I think I can get behind this, but we _do_ have precedent for an "update" API [Set User Verified](https://w3c.github.io/webauthn/#sctn-automation-set-user-verified). Maybe we can add a similar "Set Backup Status" API for individual credentials. -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1987#issuecomment-1761968217 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 13 October 2023 18:11:27 UTC