Emil Lundberg

> @emlun, would you be willing to create a PR making `displayName` and `name` optional in the IDL? We can't trivially declare `name` as `optional` in the WebIDL because it's...

While I somewhat agree in principle, I'm not sure that using [parse JSON bytes to an Infra value](https://infra.spec.whatwg.org/#parse-json-bytes-to-an-infra-value) is better. It indirectly references invoking [%JSON.parse%](https://tc39.es/ecma262/#sec-json.parse) from ECMAScript, which may be...

Thanks for the input! The detour through COSE might actually be an unnecessary indirection in the `CredentialRecord` interface. The only thing it's used for in the verification procedure is to...

> which means that the credential created may not be used for authentication > > > When this is false, including an [authentication ceremony](https://w3c.github.io/webauthn/#authentication-ceremony) where it would be updated to...

Good points! @pascoej any thoughts on this? I think it could be reasonable for conditional registration to return `UV=1` if the client checked some authentication factor "equivalent to WebAuthn user...

@ve7jtb made an acute observation here: the primary use case for conditional registration is to seamlessly upgrade users that currently have just a password as the sole authentication factor. In...

No, that would throw an error: https://w3c.github.io/webauthn/#effective-user-verification-requirement-for-credential-creation >Let _userVerification_ be the **effective user verification requirement for credential creation**, a Boolean value, as follows. If `pkOptions`.[`authenticatorSelection`](https://w3c.github.io/webauthn/#dom-publickeycredentialcreationoptions-authenticatorselection).[`userVerification`](https://w3c.github.io/webauthn/#dom-authenticatorselectioncriteria-userverification) > >- is set to...

Pardon my ignorance - what is a reactive contract? Is this related to #219 (asynchronous methods)?

Ok, that looks to me like another way to describe asynchronous programming. The [Reactor docs](https://projectreactor.io/docs/core/release/reference/index.html#getting-started-introducing-reactor) even say so themselves: >Reactor [...] integrates directly with the Java 8 functional APIs, notably...

`navigator.credentials` is governed by the [Credential Management API](https://w3c.github.io/webappsec-credential-management/#framework-credential-management), which is in the [Web Application Security Working Group](https://www.w3.org/groups/wg/webappsec/) (there is considerable overlap with participants in the WebAuthn WG, though), so the...