Refine User Verification description #1162
Comments
|
It is true that authenticators might allow registering several people's fingerprints to the same account, for example, but I'd argue it's still true that the intent of UV is to distinguish individual users. Also, multiple people could very well share the same "user" account at an RP anyway. I don't think we really need to change anything here. |
|
On second thought, maybe we should acually define the term "user". Then that definition could point out that a user could be one or more physical persons. |
33 tasks
|
I suggest saying "legitimate device owner" or "device owner" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The description of User Verification includes following sentence.
In fact, If we enroll multiple fingerprints of family members to the authenticator (device), the authenticator never identify the each users. But, this sentence may mislead to readers that the authenticator can distinguish or identify the users.
It is more like the process that checks the user's authority to register the credential or authenticate with the credential.
The text was updated successfully, but these errors were encountered: