Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

finish removing "create credential" permissions policy cruft #1685

Closed
equalsJeffH opened this issue Dec 7, 2021 · 0 comments · Fixed by #1686
Closed

finish removing "create credential" permissions policy cruft #1685

equalsJeffH opened this issue Dec 7, 2021 · 0 comments · Fixed by #1686
Assignees
@equalsJeffH
Labels
type:editorial
Milestone
L3-WD-01

Comments

@equalsJeffH
Copy link
Contributor

Upon taking a close look at the spec with regards to references to "permissions policy", I've noticed that there remains some cruft with respect to there being a permissions policy with respect to credential creation (i.e., publickey-credential-create), which we ostensibly removed via PR #1394.

specifically:

  1. Section [5.1.3. Create a New Credential - PublicKeyCredential’s [Create] Method](https://www.w3.org/TR/webauthn-3/#sctn-createCredential) continues to have a Note regarding permissions policy (it should not):

    Note: Invocation of this internal method indicates that it was allowed by permissions policy, which is evaluated at the [CREDENTIAL-MANAGEMENT-1] level. See § 5.9 Permissions Policy integration.

  2. The Note in section 5.9. Permissions Policy integration continues to mention [[DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors) --- it should not.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@equalsJeffH equalsJeffH

Labels
type:editorial
Projects
None yet
Milestone
L3-WD-01
Development

Successfully merging a pull request may close this issue.

remove extraneous "create credential" permissions policy cruft w3c/webauthn
1 participant
@equalsJeffH