- From: r-jo via GitHub <sysbot+gh@w3.org>
- Date: Wed, 14 Feb 2024 09:52:04 +0000
- To: public-webauthn@w3.org
Although I am not planning to use webauthn in the end (the username fields is the lesser problem, the bigger problem is that it practically mandates digital pass managers and you will always have people who prefer paper pass managers, hence webauthn is flawed as a single authentication mechanism) I will push to have the option to use it without usernames as long as - I do not here a logically understandable argument why OPTIONAL usernames would be a problem - we have some web biometrics capability outside of webauthn Instead of insults and closing and hiding I am still humbly awaiting arguments against OPTIONAL usernames. At one point, the spec says if we do not need the field, it SHOULD be set to an empty field. I do not know where you guys had your programming education and experience but I would stop the interview in my company with someone who mandates empty strings this way. It is then a logically OPTIONAL field, dont you think? And having plenty of authenticator/pass manager UI/UX, if I set the field to empty string, it might be an awkward empty field in some UI, others might treat it as absent and implement appropriate logic. Last time I checked, it was AWKWARD everywhere :) -- GitHub Notification of comment by r-jo Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1942#issuecomment-1943415608 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 14 February 2024 09:52:07 UTC