Highlight that filtering all pubKeyCredParams is an error.

While this is specified in the [algorithm steps][REF], it's arguably subtle and surprising and thus worth calling out. [REF]: https://w3c.github.io/webauthn/#ref-for-dom-publickeycredentialdescriptor-type%E2%91%A0
w3c · Sep 21, 2023 · 254d007 · 254d007
1 parent baf774a
commit 254d007
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/index.bs b/index.bs
@@ -3882,6 +3882,8 @@ It mirrors some fields of the {{PublicKeyCredential}} object returned by
 
         This mirrors the {{Credential/type}} field of {{PublicKeyCredential}}.
 
+        Note: if all {{PublicKeyCredentialDescriptor}} elements in {{PublicKeyCredentialRequestOptions/allowCredentials}} are ignored then that must result in an error since an empty {{PublicKeyCredentialRequestOptions/allowCredentials}} is semantically distinct.
+
     :   <dfn>id</dfn>
     ::  This member contains the [=credential ID=] of the [=public key credential=] the caller is referring to.