Fix #622: Clarify PublicKeyCredentialEntity name descriptions #666
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -1343,8 +1343,7 @@ optionally evidence of [=user consent=] to a specific transaction. | |
| : <dfn>rp</dfn> | ||
| :: This member contains data about the [=[RP]=] responsible for the request. | ||
|
|
||
| Its value's {{PublicKeyCredentialEntity/name}} member is required. | ||
|
|
||
| Its value's {{PublicKeyCredentialRpEntity/id}} member specifies the [=relying party identifier=] with which the credential | ||
| should be associated. If omitted, its value will be the {{CredentialsContainer}} object's [=relevant | ||
|
|
@@ -1353,14 +1352,8 @@ optionally evidence of [=user consent=] to a specific transaction. | |
| : <dfn>user</dfn> | ||
| :: This member contains data about the user account for which the [=[RP]=] is requesting attestation. | ||
|
|
||
| Its value's {{PublicKeyCredentialEntity/name}}, {{PublicKeyCredentialUserEntity/displayName}} and | ||
|
There was a problem hiding this comment. user's "name" and "displayName" are not required according to CTAP spec. Only user's "id" is required. On FIDO device, RP's "id" and users "id" makes a unique combination to identify a credentials. Rest of the fields are helper details which are optional. There was a problem hiding this comment. For an authenticator with a display (or, for example, an authenticator app on a phone), needs this information to show a useful message. "Do you want to register at example.com with Alex P. Mueller?" is a lot more informative (and, I would argue, security conscious) than "Do you want to register?". Storing this information on the authenticator is more privacy than security sensitive, especially considering that the device is already entrusted with the keys. Perhaps I am biased but I assume authenticator vendors are security and privacy conscious enough to encrypt this additional information. If not, don't buy their products. For getAssertion, I am fine with making this optional. If the device needs the information, it can store it. |
||
| {{PublicKeyCredentialUserEntity/id}} members are required. | ||
|
|
||
| : <dfn>challenge</dfn> | ||
| :: This member contains a challenge intended to be used for generating the newly created credential's [=attestation | ||
|
|
@@ -1405,10 +1398,18 @@ associated. | |
| </xmp> | ||
| <div dfn-type="dict-member" dfn-for="PublicKeyCredentialEntity"> | ||
| : <dfn>name</dfn> | ||
| :: A human-readable name for the entity. Its function depends on what the {{PublicKeyCredentialEntity}} represents: | ||
|
There was a problem hiding this comment. I would s/-readable/-palatable/. And add this note: c.f. https://www.internet2.edu/media/medialibrary/2013/09/04/internet2-mace-dir-eduperson-200604.html There was a problem hiding this comment. Sounds good. I'll change to "palatable" in the ...UserEntity bullet point, but leave the top one as "readable" since that applies to both the User and Rp variants and Rp.name doesn't necessarily need to be reproducible. Does that sound good? There was a problem hiding this comment. What does copyright legalese say about flat-out copying that definition from the EduPerson spec? Should we reference the EduPerson spec for it? There was a problem hiding this comment. As per the 2017-12-13 WG call, this is fair use and attribution is good practice. |
||
|
|
||
| - When inherited by {{PublicKeyCredentialRpEntity}} it is a human-friendly identifier for the [=[RP]=], intended only | ||
|
|
||
| for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "Awesome Site". | ||
| - When inherited by {{PublicKeyCredentialUserEntity}}, it is a human-readable identifier for a user account. It is | ||
| intended only for display, and SHOULD allow the user to easily tell the difference between user accounts with similar | ||
|
There was a problem hiding this comment. well, when inherited by {{PublicKeyCredentialUserEntity}}, an RP MAY use the I'm thinking we should add a Note: wrt an RP's options when employing There was a problem hiding this comment. I'm not sure what you mean by your first paragraph. The member is required and won't be passed back to the RP, only (optionally) stored by the authenticator. The RP MAY use |
||
| {{PublicKeyCredentialUserEntity/displayName}}s. For example, "alexm", alex.p.mueller@acme.com" or "+14255551234". The | ||
|
There was a problem hiding this comment. s/, alex.p.mueller/, "alex.p.mueller/ |
||
| [=[RP]=] SHOULD let the user choose this, and MAY restrict the choice as needed or appropriate. | ||
|
There was a problem hiding this comment. I suggest: s/ [=[RP]=] SHOULD /=[RP]=] MAY / because this is really up to the RP's deployment context. Also, after "appropriate.", I would add: "For example, an [=[RP]=] may choose to map human-palatable [=username=] account identifiers to {{PublicKeyCredentialUserEntity}}'s {{PublicKeyCredentialUserEntity/name}}." ..where [=username=] perhaps should link to https://html.spec.whatwg.org/#attr-fe-autocomplete-username (AFAICT, it seems to be the most appropriate place to link "username" to in the greater Web specs space, for our purposes here). There was a problem hiding this comment. Apparently, There was a problem hiding this comment.
yeah, none of the autolinks for "username" amongst whatwg/w3c specs seemed very satisfying to me, so i was thinking that the link to https://html.spec.whatwg.org/#attr-fe-autocomplete-username would be the most clear for readers in terms of implying that we mean username in the sense of "unique-for-this-rp user account name". Though, I suppose we could just define it as such ourselves. |
||
|
|
||
| [=Authenticators=] MUST accept and store a 64 byte minimum length for a {{PublicKeyCredentialEntity/name}} members's | ||
| value. Authenticators MAY truncate a {{PublicKeyCredentialEntity/name}} member's value to a length equal to or greater | ||
| than 64 bytes. | ||
|
|
||
| : <dfn>icon</dfn> | ||
| :: A [=URL serializer|serialized=] URL which resolves to an image associated with the entity. For example, this could be | ||
|
|
@@ -1451,9 +1452,12 @@ credential. | |
| :: The [=user handle=] of the user account entity. | ||
|
|
||
| : <dfn>displayName</dfn> | ||
| :: A human-friendly name for the user account, intended only for display. For example, "Alex P. Müller" or "田中 倫". The | ||
| [=[RP]=] SHOULD let the user choose this, and SHOULD NOT restrict the choice more than necessary. | ||
|
|
||
| [=Authenticators=] MUST accept and store a 64 byte minimum length for a {{PublicKeyCredentialUserEntity/displayName}} | ||
| members's value. Authenticators MAY truncate a {{PublicKeyCredentialUserEntity/displayName}} member's value to a length | ||
| equal to or greater than 64 bytes. | ||
| </div> | ||
|
|
||
|
|
||
|
|
@@ -3756,14 +3760,14 @@ The sample code for generating and registering a new key follows: | |
|
|
||
| // Relying Party: | ||
| rp: { | ||
| name: "ACME Corporation" | ||
| }, | ||
|
|
||
| // User: | ||
| user: { | ||
| id: Uint8Array.from(window.atob("MIIBkzCCATigAwIBAjCCAZMwggE4oAMCAQIwggGTMII="), c=>c.charCodeAt(0)), | ||
| name: "alex.p.mueller@example.com", | ||
| displayName: "Alex P. Müller", | ||
| icon: "https://pics.acme.com/00/p/aBjjjpqPb.png" | ||
| }, | ||
|
|
||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
RP's "name" is optional according to CTAP spec. See below comment.