- From: Matthew Miller via GitHub <sysbot+gh@w3.org>
- Date: Fri, 19 Apr 2024 23:23:03 +0000
- To: public-webauthn@w3.org
> This means that the countably infinite `[PublicKeyCredentialHints]?` is partitioned into five equivalence classes, correct: > > 1. `[]` > 2. `["security-key"]` > 3. `["client-device"]` > 4. `["security-key", "hybrid"]` > 5. `["client-device", "hybrid"]` I would suggest that most RP's either A) use hints one-at-a-time to offer pre-registration guidance for the general category of authenticator they want the user to register, or B) group hints along the current `authenticatorAttachment` split: 1. ["client-device"] 2. ["security-key", "hybrid"] IMO number 2 could just as easily put `"hybrid"` before `"security-key"` as the RP desires - nothing about hints forces any of them into buckets, that should be an opinion established by RP's (or library maintainers.) > Here I am assuming that a missing `hints` field, `["hybrid"]`, and `[]` are the same. Not necessarily. `["hybrid"]` is the RP communicating to browsers that support hints, "please start the user in your hybrid registration flow." `[]` carries no meaning and so the browser would be free to start the registration ceremony where it wants to (e.g. the curernt behavior of optimizing for platform authenticator registration.) -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2053#issuecomment-2067388089 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 19 April 2024 23:23:04 UTC