Remove authenticatorSelection from get() options and pass UV paramete…

…r standalone It's just confusing to send the whole `AuthenticatorSelectionCriteria` structure but ignore of forbid 2 of the 3 members. If those additional parameters should be added in the future, that will probably be a breaking change anyway.
w3c · Nov 6, 2017 · 330552f · 330552f
1 parent af7da2d
commit 330552f
Showing 1 changed file with 18 additions and 23 deletions.
diff --git a/index.bs b/index.bs
@@ -978,23 +978,19 @@ method is invoked, the user agent MUST:
     Resolving this with good definitions or some other means will be addressed by resolving
     [Issue #613](https://github.com/w3c/webauthn/issues/613).
 
-    1. If |options|.{{PublicKeyCredentialRequestOptions/authenticatorSelection}} is [=present=], and
-        |options|.{{PublicKeyCredentialRequestOptions/authenticatorSelection}}.{{AuthenticatorSelectionCriteria/requireUserVerification}}
-        is set to {{UserVerificationRequirement/required}}, and the |authenticator| is not capable of performing [=user
-        verification=], [=iteration/continue=].
+    1. If |options|.{{PublicKeyCredentialRequestOptions/requireUserVerification}} is set to
+        {{UserVerificationRequirement/required}} and the |authenticator| is not capable of performing [=user verification=],
+        [=iteration/continue=].
 
     1. Let |userVerification| be the <dfn>effective user verification requirement for assertion</dfn>, a Boolean value, as
         follows:
-        - If
-            |options|.{{PublicKeyCredentialRequestOptions/authenticatorSelection}}.{{AuthenticatorSelectionCriteria/requireUserVerification}}
-            is set to {{UserVerificationRequirement/required}}, let |userVerification| be true.
-        - If
-            |options|.{{PublicKeyCredentialRequestOptions/authenticatorSelection}}.{{AuthenticatorSelectionCriteria/requireUserVerification}}
-            is set to {{UserVerificationRequirement/wanted}}, let |userVerification| be true if the |authenticator| is capable
-            of [=user verification=] and false if the |authenticator| is not capable of [=user verification=].
-        - If
-            |options|.{{PublicKeyCredentialRequestOptions/authenticatorSelection}}.{{AuthenticatorSelectionCriteria/requireUserVerification}}
-            is set to {{UserVerificationRequirement/not-wanted}}, let |userVerification| be false.
+        - If |options|.{{AuthenticatorSelectionCriteria/requireUserVerification}} is set to
+            {{UserVerificationRequirement/required}}, let |userVerification| be true.
+        - If |options|.{{AuthenticatorSelectionCriteria/requireUserVerification}} is set to
+            {{UserVerificationRequirement/wanted}}, let |userVerification| be true if the |authenticator| is capable of [=user
+            verification=] and false if the |authenticator| is not capable of [=user verification=].
+        - If |options|.{{AuthenticatorSelectionCriteria/requireUserVerification}} is set to
+            {{UserVerificationRequirement/not-wanted}}, let |userVerification| be false.
 
     1. Let |allowCredentialDescriptorList| be a new [=list=].
 
@@ -1426,8 +1422,9 @@ attributes.
         [=Client-side-resident Credential Private Key=] when creating a [=public key credential=].
 
     :   <dfn>requireUserVerification</dfn>
-    ::  This member describes the [=[RP]=]'s requirements regarding [=user verification=] for this operation. If this member is
-        [=present=], eligible authenticators are filtered to satisfy this requirement as well as possible.
+    ::  This member describes the [=[RP]=]'s requirements regarding [=user verification=] for this
+        {{CredentialsContainer/create()}} operation. If this member is [=present=], eligible authenticators are filtered to
+        satisfy this requirement as well as possible.
 </div>
 
 
@@ -1477,7 +1474,7 @@ an assertion. Its {{PublicKeyCredentialRequestOptions/challenge}} member must be
         unsigned long                        timeout;
         USVString                            rpId;
         sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
-        AuthenticatorSelectionCriteria       authenticatorSelection;
+        UserVerificationRequirement          requireUserVerification = "not-wanted";
         AuthenticationExtensions             extensions;
     };
 </xmp>
@@ -1501,12 +1498,10 @@ an assertion. Its {{PublicKeyCredentialRequestOptions/challenge}} member must be
         acceptable to the caller, in decending order of the caller's preference (the first item in the list is the most
         preferred credential, and so on down the list).
 
-    :   <dfn>authenticatorSelection</dfn>
-    ::  This member is intended for use by [=[RPS]=] that wish to select the appropriate authenticators to participate in
-        the {{CredentialsContainer/get()}} operation.
-
-        Note: Only the {{AuthenticatorSelectionCriteria/requireUserVerification}} member of this member currently has any effect
-        when used in {{PublicKeyCredentialRequestOptions}}; any other members are ignored.
+    :   <dfn>requireUserVerification</dfn>
+    ::  This member describes the [=[RP]=]'s requirements regarding [=user verification=] for this
+        {{CredentialsContainer/get()}} operation. If this member is [=present=], eligible authenticators are filtered to
+        satisfy this requirement as well as possible.
 
     :   <dfn>extensions</dfn>
     ::  This optional member contains additional parameters requesting additional processing by the client and authenticator.