Commit

Explicitly recommend generating AAGUIDs randomly. (#826)
Fixes #452.
agl authored and equalsJeffH committed Mar 28, 2018
1 parent 0e29880 commit d2c3c35
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions index.bs
Expand Up @@ -2105,9 +2105,9 @@ Each authenticator stores a <dfn for=authenticator>credentials map</dfn>, a [=ma

Additionally, each authenticator has an AAGUID, which is a 128-bit identifier indicating the type (e.g. make and model) of the
authenticator. The AAGUID MUST be chosen by the manufacturer to be identical across all substantially identical authenticators
made by that manufacturer, and different (with probability 1-2<sup>-128</sup> or greater) from the AAGUIDs of all other types of
authenticators. The RP MAY use the AAGUID to infer certain properties of the authenticator, such as certification level and
strength of key protection, using information from other sources.
made by that manufacturer, and different (with high probability) from the AAGUIDs of all other types of authenticators.
The AAGUID for a given type of authenticator SHOULD be randomly generated to ensure this. The RP MAY use the AAGUID to infer certain
properties of the authenticator, such as certification level and strength of key protection, using information from other sources.

The primary function of the authenticator is to provide WebAuthn signatures, which are bound to various contextual data. These
data are observed and added at different levels of the stack as a signature request passes from the server to the
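
Review bot: "with high probability" in the replacement sentence is unquantified, and "randomly generated" in the added SHOULD names neither a randomness source nor how many of the 128 bits must be random, so an implementer cannot tell what satisfies it now that the explicit 1-2<sup>-128</sup> bound is gone. Suggest saying that the full 128-bit value is drawn once per authenticator type from a uniform random source, or giving a bound that replaces the removed one. Separately, "to ensure this" overstates the effect: random generation makes a collision with another type's AAGUID improbable rather than impossible, so wording such as "to make collisions improbable" would match the "high probability" phrasing in the preceding sentence.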