- From: philomathic_life via GitHub <sysbot+gh@w3.org>
- Date: Tue, 30 Apr 2024 15:28:58 +0000
- To: public-webauthn@w3.org
I'm confused. If something SHALL/MUST be something, then shouldn't that mean it's enforced independent of the RP Operations? If not, then using [RFC 2119](https://datatracker.ietf.org/doc/html/rfc2119#section-1) terminology is completely pointless since it's only the RP Operations that dictate what happens. It would be nice if the `flags` documentation were updated to at least link to [Authenticators perform the following steps to generate an authenticator data structure](https://www.w3.org/TR/webauthn-3/#authenticator-data-perform-the-following-steps-to-generate-an-authenticator-data-structure); so implementations that actually adhere to the RFC 2119 terms as stated in the [Dependencies](https://www.w3.org/TR/webauthn-3/#sctn-dependencies), more easily find this requirement and don't accidentally ignore the bits instead. -- GitHub Notification of comment by zacknewman Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2063#issuecomment-2085673441 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 30 April 2024 15:28:59 UTC