- From: micolous via GitHub <noreply@w3.org>
- Date: Sat, 16 May 2026 13:59:33 +0000
- To: public-webauthn@w3.org
I have [essentially the same concerns as with the previous phrasing of this suggestion](https://github.com/w3c/webauthn/issues/2157#issuecomment-3055222263): it could be easily mistaken for a cryptographically attested indication (and [signing this value or co-mingling it with another key](https://github.com/w3c/webauthn/issues/2340#issuecomment-3403831503) _increases_ the likelihood for confusion), and it moves the burden for maintaining up-to-date lists of synchronised credential managers and appropriate icons onto RPs. There are many more RPs than synchronised credential managers. Pushing this work to every RP to maintain or import such a database adds up to an unreasonable burden, even in the ideal case that RPs are using a small number of WebAuthn implementations. _Not all RPs are billion-dollar companies. Some are not even one-dollar, and some are not even companies._ -- GitHub Notification of comment by micolous Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2340#issuecomment-4467062907 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Saturday, 16 May 2026 13:59:34 UTC