You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
this may involve some changes to the two main algorithms, and definitely should be mentioned in the user verification definition. as @jyasskin notes in PR #460:
Even if the authenticator can "distinguish individual users", it needs to record which user authorized create() and only sign credentials when the same user authorizes a get() call.
The text was updated successfully, but these errors were encountered:
+1 on clearer step, though I am not sure how to do that. Obviously all platforms use some sort of storage structure to memorize each user and associate the gestures. However, beyond that, I have very limited knowledge of how it is done. I am also not sure about the IP aspect because different device manufacturers use different ways to identify users.
+1 on clearer step, though I am not sure how to do that. Obviously all platforms use some sort of storage structure to memorize each user and associate the gestures. However, beyond that, I have very limited knowledge of how it is done. I am also not sure about the IP aspect because different device manufacturers use different ways to identify users.
We do not have to get into details. I am thinking we can have a generic high-level fairly abstract statement to the effect that: user verification at {#getAssertion} time must identify the same user as was verified at {#createCredential} time. or something to that effect that we can agree on.
…was verified at create() time (#976)
* add anchor to authnrMakeCred user consent step
* add user-must-be-same adminition to authnrGetAssn
* update comment wrt tagged step
* make it a Note
* spelling
this may involve some changes to the two main algorithms, and definitely should be mentioned in the user verification definition. as @jyasskin notes in PR #460:
The text was updated successfully, but these errors were encountered: