Disambiguate appid extension output behaviour

As discussed in issue #982: #982
w3c · Jul 11, 2018 · 905de00 · 905de00
1 parent a96110e
commit 905de00
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/index.bs b/index.bs
@@ -3958,6 +3958,7 @@ JavaScript APIs.
 ::  1. Let |facetId| be the result of passing the caller's [=origin=] to the
         FIDO algorithm for [=determining the FacetID of a calling application=].
     1. Let |appId| be the extension input.
+    1. Let |output| be the Boolean value [FALSE].
     1. Pass |facetId| and |appId| to the FIDO algorithm for [=determining if a
         caller's FacetID is authorized for an AppID=]. If that algorithm rejects
         |appId| then return a "{{SecurityError}}" {{DOMException}}.
@@ -3966,11 +3967,12 @@ JavaScript APIs.
         returning `SW_WRONG_DATA`) then the client MUST retry with the U2F application
         parameter set to the SHA-256 hash of |appId|. If this results in an applicable
         credential, the client MUST include the credential in
-        <var ignore>allowCredentialDescriptorList</var>. The value of |appId| then replaces the `rpId`
+        <var ignore>allowCredentialDescriptorList</var> and set |output| to [TRUE]. The value of |appId| then replaces the `rpId`
         parameter of [=authenticatorGetAssertion=].
 
 : Client extension output
-:: Returns the value [TRUE] to indicate to the [=[RP]=] that the extension was acted upon.
+:: Returns the value of |output|.
+
     <xmp class="idl">
     partial dictionary AuthenticationExtensionsClientOutputs {
       boolean appid;