sbweeden
commented
1 day ago agree this should be switched. @emlun to create PR per WG call on 20 Nov
Open zacknewman opened 1 week ago
sbweeden
commented
1 day ago agree this should be switched. @emlun to create PR per WG call on 20 Nov
Currently step 27 occurs before steps 28 and 29; however it seems weird to "create and store a new credential record in the user account" before successfully completing steps 28 and 29, right? This means one could save a credential even though the ceremony fails later.
A similar issue exists for the authentication ceremony where step 23 occurs before steps 24 and 25.
I think moving those steps last makes the most sense since this way any credential creation or update occurs iff the ceremony succeeds.