- From: Vijay Bharadwaj via GitHub <sysbot+gh@w3.org>
- Date: Thu, 28 Jul 2016 05:43:16 +0000
- To: public-webauthn@w3.org
vijaybh has just created a new issue for https://github.com/w3c/webauthn: == Client processing steps are not aligned with authenticator model == The conceptual model for the client-authenticator interface is that the authenticator neither sees nor cares about the fields in clientData, receiving them only in the form of clientDataHash. However our exposition does not correctly reflect this. The processing steps for makeCredential and getAssertion pass different things to the authenticator (and don't even pass clientDataHash) and the ClientData structure itself is only defined in the authenticator model. To clean this up, the ClientData definition needs to move to the API definition section, and both makeCredential and getAssertion should compute and pass clientDataHash to the authenticator methods. Also the authenticator methods should not receive any of the inidividual fields of ClientData as parameters. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/153 using your GitHub account
Received on Thursday, 28 July 2016 05:43:24 UTC