Add [[implicitMediation]] internal slot to Credential#298
Conversation
Some credential types (e.g., DigitalCredential) always enforce a
specific mediation requirement regardless of what the developer passes.
Previously, downstream specs had to use unreachable prose ("MUST NOT
throw") to override behavior in the upstream algorithm.
This adds [[implicitMediation]] to the Credential dfn list with a
default value of null. When a subtype sets it to a non-null
CredentialMediationRequirement value, the Request a Credential algorithm
skips the conditional/immediate support checks for that type.
This resolves the contradiction between Credential Management step 9
(throw TypeError for conditional + unsupporting type) and Digital
Credentials (which says MUST NOT throw for any mediation value).
Closes #297
There was a problem hiding this comment.
Pull request overview
This PR updates the Credential Management spec to introduce a new Credential interface-object internal slot, [[implicitMediation]], intended to let certain credential types enforce a fixed mediation requirement (and avoid throwing when callers pass other mediation values), aligning Cred Man’s “Request a Credential” algorithm with downstream specs like Digital Credentials.
Changes:
- Adds
Credential/[[implicitMediation]]to theCredentialinternal-slot definitions (defaultnull). - Updates step 9 of “Request a Credential” to bypass conditional/immediate validation for interfaces with
[[implicitMediation]]set. - Fixes some algorithm-list formatting/indentation in the affected section.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| 1. [=set/For each=] |interface| of |interfaces|: | ||
|
|
||
| 1. If |interface|'s {{Credential/[[implicitMediation]]}} is not null, [=iteration/continue=]. | ||
|
|
There was a problem hiding this comment.
I agree with this bot comment ^
| When {{Credential/[[implicitMediation]]}} is not null, the credential type behaves as if | ||
| the developer had passed that {{CredentialMediationRequirement}} value, and the user agent | ||
| MUST NOT reject based on the actual value of |
| When {{Credential/[[implicitMediation]]}} is not null, the credential type behaves as if | ||
| the developer had passed that {{CredentialMediationRequirement}} value, and the user agent | ||
| MUST NOT reject based on the actual value of | ||
| {{CredentialRequestOptions/mediation}} for that [=credential/credential type=]. |
| 1. [=set/For each=] |interface| of |interfaces|: | ||
|
|
||
| 1. If |interface|'s {{Credential/[[implicitMediation]]}} is not null, [=iteration/continue=]. | ||
|
|
There was a problem hiding this comment.
I agree with this bot comment ^
|
|
||
| When {{Credential/[[implicitMediation]]}} is not null, the credential type behaves as if | ||
| the developer had passed that {{CredentialMediationRequirement}} value, and the user agent | ||
| MUST NOT reject based on the actual value of |
There was a problem hiding this comment.
I think this needs more specification. Mediation is a property of the request, not of each credential type.
What happens if e.g. two credential types with conflicting implicit mediation are passed? We could say that's disallowed, but we should be explicit about it. Wherever we do that, we probably want to do something like setting the request's mediation value to the implicit mediation of the passed credential type.
Closes #297
Summary
[[implicitMediation]]to theCredentialdfn list (default: null)[[implicitMediation]]is setThe problem
Step 9 throws TypeError when
mediation: "conditional"is passed to a type that doesn't support it. But the DC spec says "MUST NOT throw an error if the mediation member has a value other than required." DC's instruction is unreachable because the TypeError fires in this algorithm before DC's[[DiscoverFromExternalSource]]is called.WebKit's implementation already ignores mediation for digital credentials (no TypeError), matching DC's intent but not this spec's algorithm.
The fix
Credential types can now declare
[[implicitMediation]]="required"(or another value). When set, step 9 skips that type and does not throw. The type always behaves as if that mediation value was passed.Landing order
[[implicitMediation]]= "required", removes "MUST NOT throw" prose)Related
[[origin]]refactoring)Preview | Diff