Re: [webauthn] §6.1. Steps to generate authenticator data should include BE and BS flags (#2064) from philomathic_life via GitHub on 2024-05-15 (public-webauthn@w3.org from May 2024)

From: philomathic_life via GitHub <sysbot+gh@w3.org>
Date: Wed, 15 May 2024 21:34:17 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2113492545-1715808854-sysbot+gh@w3.org>

Just want to make sure that SHOULD is used instead of SHALL if it's not required for RPs to enforce that BE and BS are not 0 and 1 respectively. As the linked issue explains, the RFU bits are not supposed to be enforced to be 0; however [Authenticators perform the following steps to generate an authenticator data structure](https://www.w3.org/TR/webauthn-3/#authenticator-data-perform-the-following-steps-to-generate-an-authenticator-data-structure) mistakenly states they SHALL (i.e, MUST) be 0.

-- 
GitHub Notification of comment by zacknewman
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2064#issuecomment-2113492545 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 15 May 2024 21:34:18 UTC