For when we add a privacy considerations section to the spec, a property I believe is critical to capture is that an RP should be unable to learn if a matching credential is present or not until the user has given permission to allow the web site to access their wallet. This means, for example, that the UX of the no credential found case must be indistinguishable (eg. in terms of the occlusion and impact on web-observable input events) from the case where credentials are found.
See also #104 for a potential future way to mitigate the negative consequences of this principle.
For when we add a privacy considerations section to the spec, a property I believe is critical to capture is that an RP should be unable to learn if a matching credential is present or not until the user has given permission to allow the web site to access their wallet. This means, for example, that the UX of the no credential found case must be indistinguishable (eg. in terms of the occlusion and impact on web-observable input events) from the case where credentials are found.
See also #104 for a potential future way to mitigate the negative consequences of this principle.