Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RP guidance for invalidStateError returned from [[Create]]() #1331

Closed
equalsJeffH opened this issue Oct 21, 2019 · 3 comments
Closed

RP guidance for invalidStateError returned from [[Create]]() #1331

equalsJeffH opened this issue Oct 21, 2019 · 3 comments

Comments

@equalsJeffH
Copy link
Contributor

equalsJeffH commented Oct 21, 2019

the Note that PR #1326 inserts into the spec explains the purpose of the UV gesture solicited in the authenticatorMakeCredential() operation when there are match(es) in the |excludeCredentialDescriptorList|. Essentially, we're explaining in the (new) Note that: "if the RP gets an invalidStateError back from a nav.creds.Create() call, they can do something user-helpful with that info".

However, this guidance for the RP is buried in "Note:"s in spec sections that we are not suggesting RP devs read (i.e., in the spec roadmap).

Additionally, our "RP Ops - registering a new cred" section only says "abort the ceremony with a user-visible error" if an error is returned from Create().

Seems like we ought to provide more guidance to the RP reader. Perhaps add this to the "rp operations - registering a new cred" section ?

Are there also similar RP considerations for "RP Ops - verifying an authentication assertion" we ought to add to the latter section?

@equalsJeffH
Copy link
Contributor Author

this is a nice-to-have issue, can be addressed in a milestone later than wd-03 or not at all.

@equalsJeffH equalsJeffH added the stat:puntable Issue or PR that is candidate to move to a later milestone label Jul 1, 2020
@nadalin nadalin removed the stat:puntable Issue or PR that is candidate to move to a later milestone label Jul 21, 2020
@equalsJeffH
Copy link
Contributor Author

equalsJeffH commented Oct 14, 2020

@sbweeden -- what's your take on this issue? Is it worth addressing? If so, might you as an RP have wording suggestions?

@sbweeden
Copy link
Contributor

Closing - addressed with #1502

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants