- From: Matthew Miller via GitHub <sysbot+gh@w3.org>
- Date: Mon, 12 Aug 2024 16:50:25 +0000
- To: public-webauthn@w3.org
> > Are user agents expected to encode `id` again so that an RP receives a Credential ID that has been encoded twice or are user agents expected to know that the `USVString` is already a `Base64URLString` and send it as is? If the latter, it seems less confusing to just leave the type as a `USVString`. > > User agents are expected to _not_ re-encode `id`, so yes, `id` and `rawId` are essentially aliases in the `*ResponseJSON` context. Fair point about the `Base64URLString` type perhaps making it seem like it would be doubly-encoded, but on the other hand it _is_ a base64 encoded value. @MasterKale any thoughts on that? Sorry for creating confusion with this. User agents **are not** expected to encode `id` again. Thinking back I probably used `Base64URLString` for `id` as well because "it's a base64url-encoded string." I agree it would make sense for it to share the type of `Credential.id`, though. @emlun can I simply change `RegistrationResponseJSON.id` and `AuthenticationResponseJSON.id` to `USVString` without breaking anything? -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2119#issuecomment-2284490312 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 12 August 2024 16:50:26 UTC