- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Thu, 12 Sep 2019 23:12:15 +0000
- To: public-webauthn@w3.org
agl has just submitted a new pull request for https://github.com/w3c/webauthn: == More explicitly document use cases. == The aims of this PR (which is currently incomplete) are, firstly, to provide more specific guidance for RPs about how to configure the several options in WebAuthns and, secondly, to provide a reserve mapping of options back to intents. On the first motive: the feedback that we're getting from several RPs is that the WebAuthn spec is dauntingly complex. They go into it with a certain user experience in mind but the translation of that intent to concrete options is extremely challenging. While third-party documentation can also help address this, the spec should stand alone. On the second motive: #1292 contains a request from a browser to add an extra option to translate the other options into a higher-level motive. The hope is that, in defining a mapping fro high-level intent to specific options, we also implicitly define the reverse mapping and so browsers can also extract the intent from the options. It is unlikely that the reverse mapping will be total, rather some combinations of options will not map to any higher-level intent. Considering that set is hoped to be useful. This PR is not yet complete and is being submitted in its current form ahead of TPAC to help inform the discussion around #1292. See https://github.com/w3c/webauthn/pull/1300
Received on Thursday, 12 September 2019 23:12:16 UTC