Strictly speaking, "< 1024" and "not larger than 1024" are not equivalent.

Question

Strictly speaking, "< 1024" and "not larger than 1024" are not equivalent.

mikel-misha opened this issue 2 years ago · 2 comments

1. Check that the <code>[=credentialId=]</code> is &le; 1023 bytes. Credential IDs larger than this many bytes SHOULD cause the RP to fail this [=registration ceremony=].

And if I may (this is more subjective), I think it's worth eliminating the little indirection here. Not that it's a lot of cognitive load, but every bit helps.

1. Check that the <code>[=credentialId=]</code> is &le; 1023 bytes long. Credential IDs larger than 1023 bytes SHOULD cause the RP to fail this [=registration ceremony=].

Originally posted by @emlun in w3c/webauthn#1664 (comment)

naddison36 commented 2 years ago

more spam

mikel-misha commented 2 years ago

more spam