Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Specify what an unknown type credential descriptor being ignored means #1966

Closed
wants to merge 1 commit into from
Closed

Specify what an unknown type credential descriptor being ignored means #1966

wants to merge 1 commit into from

Conversation

amoseui
Copy link

@amoseui amoseui commented Sep 18, 2023
edited by pr-preview bot

The spec describes that client platforms MUST ignore any PublicKeyCredentialDescriptor with an unknown type. However, there is no further specification about the case when this results in an empty allowCredentials. It must not be treated as an empty list.

The client MUST return an error if none of the listed credentials can be used in allowCredentials. For instance, if all of the listed credentials have PublicKeyCredentialDescriptor with an unknown type, the client MUST throw NotAllowedError.

Fixes #1748

Preview | Diff

@amoseui
Specify what an unknown type credential descriptor being ignored means
5f47918 
The spec describes that client platforms MUST ignore any
PublicKeyCredentialDescriptor with an unknown type. However, there is no
further specification about the case when this results in an empty
allowCredentials. It must not be treated as an empty list.

The client MUST return an error if none of the listed credentials can be used
in allowCredentials. For instance, if all of the listed credentials have
PublicKeyCredentialDescriptor with an unknown type, the client MUST throw
NotAllowedError.

Fixes w3c#1748
@w3cbot
Copy link

w3cbot commented Sep 18, 2023

amoseui marked as non substantive for IPR from ash-nazg.

@agl agl mentioned this pull request Sep 21, 2023
Merged
@agl
Copy link
Contributor

agl commented Sep 21, 2023

The chair of the WG wasn't happy with treating this as non-substantive w.r.t IPR, so we'll treat this as an issue rather than a pull request and, if we make a change, it'll be in a different issue.

However, there is no further specification about the case when this results in an empty allowCredentials.

The algorithm for making a credential does say that if you filter a list to the point that it becomes empty, then that's an error.

But it's perhaps worth noting here too. I've drawn up #1971 to do that.

@nadalin nadalin assigned agl and unassigned agl Sep 27, 2023
@nadalin nadalin requested a review from agl September 27, 2023 18:53
@agl
Copy link
Contributor

agl commented Sep 27, 2023

(Moving this to #1971.)

@agl agl closed this Sep 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agl agl Awaiting requested review from agl

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Better specify what an unknown type credential descriptor being ignored means
3 participants
@amoseui @w3cbot @agl