- From: Joshua Zhao via GitHub <noreply@w3.org>
- Date: Tue, 19 Aug 2025 04:45:19 +0000
- To: public-webauthn@w3.org
> In my experience, browser clients filter out extensions that they do not recognised and will not pass them along to authenticators. I'm not arguing for or against the idea, just stating the observed current behaviour. Yes, that's my observation too. This is precisely the reason why I'm making the proposal. Because the spec states that every extension is for clients, the clients are of course free to deal with them as they see fit. I'm arguing that we should not let clients be the gatekeepers for extensions meant for authenticators only. -- GitHub Notification of comment by joshzhao Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2331#issuecomment-3199188409 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 19 August 2025 04:45:20 UTC