[webauthn] Clarify which sign. algm.'s RP's must support (Sec. 4.3.2.1.2) from gmandyam via GitHub on 2016-05-13 (public-webauthn@w3.org from May 2016)

From: gmandyam via GitHub <sysbot+gh@w3.org>
Date: Fri, 13 May 2016 07:37:25 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-154651309-1463125042-sysbot+gh@w3.org>

gmandyam has just created a new issue for 
https://github.com/w3c/webauthn:

== Clarify which sign. algm.'s RP's must support (Sec. 4.3.2.1.2) ==
Current text states "The following algorithms must be implemented by 
servers:" and goes on to list target signing methods.  But the text 
later says "WebAuthn Relying Parties must implement all the algorithms
 implemented by the authenticators that they support."

The two statements seem to contradict each other.  For instance, if an
 RP does not support any authenticators that implement ECDAA then it 
does not seem to be necessary for the RP to implement ECDAA.  Would 
recomment changing "The following algorithms must be implemented by 
servers:"  to "One or more of the following algorithms must be 
implemented by servers (depending on the authenticators that servers 
support):"

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/104 using your GitHub account

Received on Friday, 13 May 2016 07:37:26 UTC