Merge pull request #2214 from w3c/issue-2202-pref-list-duplicates

Clarify behaviour of duplicate pubKeyCredParams and attestationFormats
w3c · Dec 11, 2024 · 0996971 · 0996971
2 parents 3bc8301 + eb13ee1
commit 0996971
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/index.bs b/index.bs
@@ -3513,6 +3513,7 @@ optionally evidence of [=user consent=] to a specific transaction.
     :   <dfn>pubKeyCredParams</dfn>
     ::  This member lists the key types and signature algorithms the [=[RP]=] supports,
         ordered from most preferred to least preferred.
+        Duplicates are allowed but effectively ignored.
         The [=client=] and [=authenticator=] make a best-effort to create a credential of the most preferred type possible.
         If none of the listed types can be created, the {{CredentialsContainer/create()}} operation fails.
 
@@ -3554,7 +3555,8 @@ optionally evidence of [=user consent=] to a specific transaction.
     :   <dfn>attestationFormats</dfn>
     ::  The [=[RP]=] MAY use this OPTIONAL member to specify a preference regarding the [=attestation=] statement format used by the [=authenticator=].
         Values SHOULD be taken from the IANA "WebAuthn Attestation Statement Format Identifiers" registry [[!IANA-WebAuthn-Registries]] established by [[!RFC8809]].
-        Values are ordered from most preferable to least preferable.
+        Values are ordered from most preferred to least preferred.
+        Duplicates are allowed but effectively ignored.
         This parameter is advisory and the [=authenticator=] MAY use an attestation statement not enumerated in this parameter.
 
         The default value is the empty list, which indicates no preference.