- From: Matthew Miller via GitHub <noreply@w3.org>
- Date: Wed, 09 Jul 2025 20:09:29 +0000
- To: public-webauthn@w3.org
From WG meeting: It sounds like the best path forward here is to map `authenticatorAttachment` to specific combinations of `hints` values, then allow RPs to continue using `authenticatorAttachment` while encouraging new RPs to use `hints` instead. `hints` would continue to take precedence over `authenticatorAttachment` when both are present. Then we could add a non-normative note to `authenticatorAttachment` suggesting using `hints` instead (essentially a "soft deprecation" without intention of removing `authenticatorAttachment` entirely.) @dveditz @pascoej: what do you think about this proposed way of encouraging more RPs to use hints over specifying an attachment? Attachments are overloaded and confusing these days especially with synced passkeys and the many third-party providers intercepting API calls or interfacing with the platform. Hints can help RPs better adapt their use of WebAuthn to be flexible in light of all this complexity. -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2053#issuecomment-3053862390 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 9 July 2025 20:09:29 UTC