- From: philomathic_life via GitHub <sysbot+gh@w3.org>
- Date: Wed, 25 Sep 2024 21:38:10 +0000
- To: public-webauthn@w3.org
Why do challenges need to be fetched from the server? Couldn't the challenge also be generated client-side? The client would then send both `AuthenticationResponseJSON` and the base64url-encoded challenge to the server? This would reduce latency even further. Is the idea that mobile devices are not powerful enough to generate 16 bytes of entropy for the challenge? -- GitHub Notification of comment by zacknewman Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2152#issuecomment-2375310292 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 25 September 2024 21:38:11 UTC