Re: [webauthn] user verification caching etension added (#2021) from Rolf Lindemann via GitHub on 2024-02-12 (public-webauthn@w3.org from February 2024)

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Mon, 12 Feb 2024 18:43:56 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1939325926-1707763433-sysbot+gh@w3.org>

With this approach, the maxUVC included in the authenticator output could be defined differently to be less or equal to the maxUVC as provided by the RP - so that the authenticator could set it to the elapsed time.
The Authenticator today already indicates whether UV was performed.  The current expectation is that this is fresh user verification.  I think it would be good to let the RP indicate whether UV caching is acceptable for the specific use case.

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2021#issuecomment-1939325926 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 12 February 2024 18:43:58 UTC