philomathic_life
philomathic_life
[`PublicKeyCredentialDescriptorJSON::id`](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialdescriptorjson-id) comes before [`PublicKeyCredentialDescriptorJSON::type`](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialdescriptorjson-type) despite [`PublicKeyCredentialDescriptor::id`](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialdescriptor-id) coming after [`PublicKeyCredentialDescriptor::type`](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialdescriptor-type). I realize that JSON deserialization should not assume the order of fields, but it would nonetheless be nice if the order...
The lint group `rust-2018-idioms` enables [`elided-lifetimes-in-paths`](https://doc.rust-lang.org/rustc/lints/listing/allowed-by-default.html#elided-lifetimes-in-paths). [`Visitor::expecting`](https://github.com/serde-rs/serde/blob/master/serde/src/de/mod.rs#L1311) omits the lifetime from [`Formatter`](https://doc.rust-lang.org/stable/core/fmt/struct.Formatter.html). When relying on autocompletion, this requires one to manually add a lifetime argument to silence this warning. Would...
Either there is a bug in code, or the documentation needs to be changed for [`capacity`](https://docs.rs/dashmap/latest/dashmap/struct.DashMap.html#method.capacity). The documentation states (emphasis added): > Returns how many key-value pairs the map can...
In #2174 it was mentioned that a cautionary note about _not_ sending PRF data to the server may be appropriate for use cases where the output is used as a...
#1880 added the optional item `authenticatorDisplayName` to [_Credential Record_](https://w3c.github.io/webauthn/#abstract-opdef-credential-record-authenticatordisplayname); however it was not added to Step 27 of the registration ceremony nor Step 23 of the authentication ceremony. Seeing how...
…ing to use none attestation Closes #2146 Related #1962 #2146 raises the possibility of leaving attestation for _all_ platform authenticators based on the argument that much of the information related...
In L3 platform-based authenticators are allowed AAGUIDs that are not all-zero even when _`credentialCreationData.`_[`attestationConveyancePreferenceOption`](https://w3c.github.io/webauthn/#credentialcreationdata-attestationconveyancepreferenceoption) is `"none"`. As a result, there is no additional privacy obtained by replacing self attestation with...
Currently the spec states: > Let JSONtext be the result of running [UTF-8 decode](https://encoding.spec.whatwg.org/#utf-8-decode) on the value of response.[clientDataJSON](https://www.w3.org/TR/webauthn-3/#dom-authenticatorresponse-clientdatajson). > >Note: Using any implementation of [UTF-8 decode](https://encoding.spec.whatwg.org/#utf-8-decode) is acceptable as...
The motivation behind both [`AuthenticatorAttestationResponseJSON.publicKey`](https://w3c.github.io/webauthn/#dom-authenticatorattestationresponsejson-publickey) and [`AuthenticatorAttestationResponseJSON.publicKeyAlgorithm`](https://w3c.github.io/webauthn/#dom-authenticatorattestationresponsejson-publickeyalgorithm) is the same: [easy access to credential data](https://w3c.github.io/webauthn/#sctn-public-key-easy). For good reason though, `AuthenticatorAttestationResponseJSON.publicKey` is not required since technically such data exists in the...