You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@stephenmcgruer there was a discussion earlier in the year / last year around ensuring that the payment bit was stored with and backed up with the WebAuthn credential. I believe the core reason was to ensure the bit was available across WebAuthn clients, and the secondary reason was to ensure the bit was still present on a new device.
We discussed in WebAuthn WG (w3c/webauthn#2153) and came to the conclusion that the SPC spec should state this, as the extension is wholly defined in this spec.
I think it could be as simple as:
"The payment bit MUST be stored with the Public Key Credential Source and MUST be backed up for [=backup eligible=] credentials."
The text was updated successfully, but these errors were encountered:
@stephenmcgruer there was a discussion earlier in the year / last year around ensuring that the payment bit was stored with and backed up with the WebAuthn credential. I believe the core reason was to ensure the bit was available across WebAuthn clients, and the secondary reason was to ensure the bit was still present on a new device.
We discussed in WebAuthn WG (w3c/webauthn#2153) and came to the conclusion that the SPC spec should state this, as the extension is wholly defined in this spec.
I think it could be as simple as:
"The payment bit MUST be stored with the Public Key Credential Source and MUST be backed up for [=backup eligible=] credentials."
The text was updated successfully, but these errors were encountered: