Emil Lundberg comments

Results 296 comments of


                                            Emil Lundberg

Deprecate AuthenticatorAttachment in favor of PublicKeyCredentialHints.

> Doesn't `"hybrid"` mean both `"platform"` and `"cross-platform"` are allowed without preference to either one? No, the [`"hybrid"` hint](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialhints-hybrid) indicates a preference for a separate authenticator device using the [`"hybrid"`...

Empty strings are not valid RFC 8266 Nicknames

2024-05-15 WG call: - This seems like an accurate observation. - This was changed in PR #1932. - Empty values tend to lead to interop problems, we should revert that...

Include enterpriseAttestation in getClientClientCapabilities

Ah, ok. In that case it's probably worth mentioning in the `{{ClientCapability/enterpriseAttestation}}` definition that the presence of this capability is no guarantee that the client's/authenticator's policy allows EA for the...

Authenticator data flags reserved bits must be 0 or the figures would ideally be changed

It is defined under "[**Authenticators perform the following steps to generate an authenticator data structure**](https://www.w3.org/TR/webauthn-3/#authenticator-data-perform-the-following-steps-to-generate-an-authenticator-data-structure)" that: >- The [UP](https://www.w3.org/TR/webauthn-3/#authdata-flags-up) [flag](https://www.w3.org/TR/webauthn-3/#authdata-flags) SHALL be set if and only if [...]. The RFU...

Authenticator data flags reserved bits must be 0 or the figures would ideally be changed

@zacknewman Not all requirements can be enforced in-protocol. Authenticators are required to set the RFU bits to zero for now, but RPs should not enforce this behaviour since that would...

Make AuthenticatorAttestationResponseJSON.publicKeyAlgorithm a long

Thanks for pointing this out! 2024-05-15 WG call: [`AuthenticatorAttestationResponseJSON`](https://www.w3.org/TR/webauthn-3/#dictdef-authenticatorattestationresponsejson) was added in the L3 drafts, so we can easily change [`AuthenticatorAttestationResponseJSON.publicKeyAlgorithm`](https://www.w3.org/TR/webauthn-3/#dom-authenticatorattestationresponsejson-publickeyalgorithm) to type `long` (or `COSEAlgorithmIdentifier`) since L3 isn't formally...

Emil Lundberg

Deprecate AuthenticatorAttachment in favor of PublicKeyCredentialHints.

Empty strings are not valid RFC 8266 Nicknames

Include enterpriseAttestation in getClientClientCapabilities

Authenticator data flags reserved bits must be 0 or the figures would ideally be changed

Authenticator data flags reserved bits must be 0 or the figures would ideally be changed

Make AuthenticatorAttestationResponseJSON.publicKeyAlgorithm a long

§6.1. Steps to generate authenticator data should include BE and BS flags

§6.1. Steps to generate authenticator data should include BE and BS flags

Various improvements to conditionalCreate/Mediation discoverability and uniformity

Implement alias/unalias builtin