Re: [webauthn] Misaligned steps in Section 7.2 (#1913) from Emil Lundberg via GitHub on 2024-01-19 (public-webauthn@w3.org from January 2024)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 19 Jan 2024 14:54:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1900564473-1705676039-sysbot+gh@w3.org>
Oh, this is weird - this issue appears in Chrome but not in Firefox. @agl @jschanck is this a bug in either browser?

The relevant HTML is this:

```html
<h3 class="heading settled" data-level="7.2" id="sctn-verifying-assertion"><span class="secno">7.2. </span><span class="content">Verifying an Authentication Assertion</span><a class="self-link" href="#sctn-verifying-assertion"></a></h3>
<p>In order to perform an <a data-link-type="dfn" href="#authentication-ceremony" id="ref-for-authentication-ceremony②⑤">authentication ceremony</a>, the <a data-link-type="dfn" href="#relying-party" id="ref-for-relying-party②⑥⑨" aria-expanded="false">Relying Party</a> MUST proceed as follows:</p>
<ol>
    <li data-md="">
     <p>Identify the user being authenticated and let <var>credentialRecord</var> be the <a data-link-type="dfn" href="#credential-record" id="ref-for-credential-record⑨">credential record</a> for the <a data-link-type="dfn" href="https://w3c.github.io/webappsec-credential-management/#concept-credential" id="ref-for-concept-credential①⑧">credential</a>:</p>
     <dl class="switch">
      <dt data-md="">If the user was identified before the <a data-link-type="dfn" href="#authentication-ceremony" id="ref-for-authentication-ceremony②⑥" aria-expanded="false">authentication ceremony</a> was initiated, e.g., via a username or cookie,
      </dt><dd data-md="">
       <p>verify that the identified <a data-link-type="dfn" href="#user-account" id="ref-for-user-account③③" aria-expanded="false">user account</a> contains a <a data-link-type="dfn" href="#credential-record" id="ref-for-credential-record①⓪">credential record</a> whose <a data-link-type="abstract-op" href="#abstract-opdef-credential-record-id" id="ref-for-abstract-opdef-credential-record-id②">id</a> equals <code><var>credential</var>.<code class="idl"><a data-link-type="idl" href="#dom-publickeycredential-rawid" id="ref-for-dom-publickeycredential-rawid③">rawId</a></code></code>.
Let <var>credentialRecord</var> be that <a data-link-type="dfn" href="#credential-record" id="ref-for-credential-record①①" aria-expanded="false">credential record</a>.
If <code><var>response</var>.<code class="idl"><a data-link-type="idl" href="#dom-authenticatorassertionresponse-userhandle" id="ref-for-dom-authenticatorassertionresponse-userhandle⑥">userHandle</a></code></code> is present,
verify that it equals the <a data-link-type="dfn" href="#user-handle" id="ref-for-user-handle②④" aria-expanded="false">user handle</a> of the <a data-link-type="dfn" href="#user-account" id="ref-for-user-account③④">user account</a>.</p>
      </dd><dt data-md="">If the user was not identified before the <a data-link-type="dfn" href="#authentication-ceremony" id="ref-for-authentication-ceremony②⑦">authentication ceremony</a> was initiated,
      </dt><dd data-md="">
       <p>verify that <code><var>response</var>.<code class="idl"><a data-link-type="idl" href="#dom-authenticatorassertionresponse-userhandle" id="ref-for-dom-authenticatorassertionresponse-userhandle⑦">userHandle</a></code></code> is present.
Verify that the <a data-link-type="dfn" href="#user-account" id="ref-for-user-account③⑤" aria-expanded="false">user account</a> identified by <code><var>response</var>.<code class="idl"><a data-link-type="idl" href="#dom-authenticatorassertionresponse-userhandle" id="ref-for-dom-authenticatorassertionresponse-userhandle⑧">userHandle</a></code></code> contains a <a data-link-type="dfn" href="#credential-record" id="ref-for-credential-record①②">credential record</a> whose <a data-link-type="abstract-op" href="#abstract-opdef-credential-record-id" id="ref-for-abstract-opdef-credential-record-id③">id</a> equals <code><var>credential</var>.<code class="idl"><a data-link-type="idl" href="#dom-publickeycredential-rawid" id="ref-for-dom-publickeycredential-rawid④">rawId</a></code></code>.
Let <var>credentialRecord</var> be that <a data-link-type="dfn" href="#credential-record" id="ref-for-credential-record①③" aria-expanded="false">credential record</a>.</p>
     </dd></dl>
    </li>
    <li data-md="">
     <p>Let <var>cData</var>, <var>authData</var> and <var>sig</var> denote the value of <var>response</var>’s <code class="idl"><a data-link-type="idl" href="#dom-authenticatorresponse-clientdatajson" id="ref-for-dom-authenticatorresponse-clientdatajson①⓪">clientDataJSON</a></code>, <code class="idl"><a data-link-type="idl" href="#dom-authenticatorassertionresponse-authenticatordata" id="ref-for-dom-authenticatorassertionresponse-authenticatordata②" aria-expanded="false">authenticatorData</a></code>, and <code class="idl"><a data-link-type="idl" href="#dom-authenticatorassertionresponse-signature" id="ref-for-dom-authenticatorassertionresponse-signature②">signature</a></code> respectively.</p>
    </li>
</ol>
```

## Chrome

In Chrome (120.0.6099.216 (Official Build) (64-bit)) this renders as:

![screenshot-2024-01-19T15:46:50+01:00](https://github.com/w3c/webauthn/assets/1367758/7a9dcd39-77cc-48cb-ab4d-53352812e7f6)


## Firefox

In Firefox (121.0.1 (64-bit)) this renders as:

![screenshot-2024-01-19T15:47:34+01:00](https://github.com/w3c/webauthn/assets/1367758/010aa928-5a02-43d4-b609-dcbb92be9453)


-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1913#issuecomment-1900564473 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 19 January 2024 14:54:04 UTC