- From: Shane Weeden via GitHub <sysbot+gh@w3.org>
- Date: Wed, 20 Mar 2024 19:05:16 +0000
- To: public-webauthn@w3.org
> There is an RP policy gap in this idea that I think could be addressed by having an extension which permits inputs and outputs. The use case is, "As an RP I'm ok with uv=preferred however only if its within the last xx period (eg an hour)". > > This would then allow the authenticator the opportunity to honour the policy rather than have the RP reject it after the ceremony. The input to the extension could express the policy, the output could express the authenticator's actual behaviour. > > If the input was 0, and uv=preferred, this is semantically equivalent to uv=required. Looks like my idea has been expressed in proposed PR #2021 -- GitHub Notification of comment by sbweeden Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2034#issuecomment-2010394634 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 20 March 2024 19:05:17 UTC