Tim Cappalli
Tim Cappalli
We just need to be careful with wording, because some browsers will implement the cross-device presentation/issuance protocol directly, which does not require the underlying platform to understand anything related to...
@simoneonofri this is marked as both draft and awaiting review. Should we start reviewing?
Closing in favor of #409 and its sub tasks.
This is not an API or even protocol layer issue IMO. Issuance is governed by trust frameworks which define their requirements and other parties (credential managers, verifiers, etc) participate in.
That is already the case in most jurisdictions/geos.
Closing in favor of #401 Context: - https://github.com/w3c-fedid/digital-credentials/issues/396#issuecomment-3530355512 - https://github.com/w3c-fedid/digital-credentials/issues/396#issuecomment-3536589458
+1 as well. As we start to see more authenticators adding support, these server side conformance tests are important.
Hi, one of the authors of the "horrid" WebAuthn specification here... I've been avoiding replying as some past discussions on this topic resulted in some very hostile behavior against me...
> That's a very interesting topic. Can you tell us more about the solution you wanted to implement? Because if the credential manager companies that are driving development don't want...
Unfortunately, only option 1 would be spec compliant. If UV is returned as true, UV must have been performed during the WebAuthn ceremony.