- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 11 May 2018 17:25:11 +0000
- To: public-webauthn@w3.org
agl has just created a new issue for https://github.com/w3c/webauthn: == Allow clients to stop the `get` flow when certain conditions are met == Christiaan requests the following: If an RP sends down a list of credentialIds to the platform, and: 1. The RP specifically asked only for built-in credentials (we're still debating how an RP would do this), and none matches any built-in credential, _or_ 1. The user explicitly taps the “wrong” external authenticator which doesn't house any of the credentialIds that was sent down by the RP, _or_ 1. The user explicitly cancels out of the flow that tells them to insert an external authenticator since the credential IDs couldn't be found on built-in authenticators Then the client should render a dialog that says “no credential found” and, upon the user dismissing the dialog box, the RP should immediately be notified that no matching credentialIds could be found. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/905 using your GitHub account
Received on Friday, 11 May 2018 17:25:14 UTC