Sensible limits for RP and User Entity fields.

w3c · Nov 1, 2017 · 272a663 · 272a663
1 parent bcb5c11
commit 272a663
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/index.bs b/index.bs
@@ -1274,11 +1274,15 @@ associated.
 <div dfn-type="dict-member" dfn-for="PublicKeyCredentialEntity">
     :   <dfn>name</dfn>
     ::  A human-friendly identifier for the entity. For example, this could be a company name for a [=[RP]=], or a
-        user's name. This identifier is intended for display.
+        user's name. This identifier is intended for display. Authenticators while creating a credential MUST support
+	minimum of 64 bytes for this field and optionally can truncate how much it wants to store if this field is more
+	than 64 bytes.
 
     :   <dfn>icon</dfn>
     ::  A [=URL serializer|serialized=] URL which resolves to an image associated with the entity. For example, this could be
-        a user's avatar or a [=[RP]=]'s logo. This URL MUST be an [=a priori authenticated URL=].
+        a user's avatar or a [=[RP]=]'s logo. This URL MUST be an [=a priori authenticated URL=]. Authenticators while
+	creating a credential MUST support minimum of 128 bytes for this field and optionally can drop this field if
+	if this field is more than 128 bytes.
 </div>
 
 
@@ -1315,7 +1319,9 @@ credential.
     ::  The [=user handle=] of the user account entity.
 
     :   <dfn>displayName</dfn>
-    ::  A friendly name for the user account (e.g., "John P. Smith").
+    ::  A friendly name for the user account (e.g., "John P. Smith"). Authenticators while creating a credential MUST support
+	minimum of 64 bytes for this field and optionally can truncate how much it wants to store if this field is more
+	than 64 bytes.
 </div>