Ki-Eun Shin
Ki-Eun Shin
I added more clear description of the issue.
@agl @emlun before writing the PR, I would like to listen your thoughts regarding this. For authenticator extensions, the supported output should be conveyed in AuthData. right?
@emlun I'm thinking that appId, authnSel, biometricPrefBouns and credProps are the type of client extension. They don't need any other communication with authenticators. So, at least for the authenticator extension,...
@madwizard-thomas If the extension is a kind of authenticator extension, it just implies that the extension is for authenticators. If the client and authenticator respect (support) the request, it should...
I can't follow the issue. Is this about the platform authenticator with a discoverable feature or the security keys? At least , RP should have a knowledge about the registered...
> How should this work if a user is logging in from a brand-new browser profile? If you say about the case where is no client (browser) side information about...
Another thought for this is that adding attachment option for .get() call, so that RP would indicate their preference for the authentication. You can refer the issue here #1267. And...
For native application, especially for Apple ecosystem, there is an option for RPs to indicate whether allowing key backup (syncing) or not. As a RP side, it would be helpful...
@alanwaketan what kind of gestures are you referring? Clicking a button (or prompt) provided by user agent? Or, just swiping some UI component?
> Whether the registration is a platform authenticator As far as I can tell, this information is not available from the response. The RP has to ask for it, and...