@@ -143,6 +143,14 @@ public class RelyingParty {
143143 * The extension input to set for the <code>appid</code> extension when initiating authentication
144144 * operations.
145145 *
146+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
147+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
148+ * needed for new registrations, even of U2F authenticators.
149+ *
150+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
151+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
152+ * needed for new registrations, even of U2F authenticators.
153+ *
146154 * <p>If this member is set, {@link #startAssertion(StartAssertionOptions) startAssertion} will
147155 * automatically set the <code>appid</code> extension input, and {@link
148156 * #finishAssertion(FinishAssertionOptions) finishAssertion} will adjust its verification logic to
@@ -327,9 +335,9 @@ public class RelyingParty {
327335
328336 /**
329337 * If <code>true</code>, {@link #finishAssertion(FinishAssertionOptions) finishAssertion} will
330- * fail if the {@link AuthenticatorData#getSignatureCounter() signature counter value} in the
331- * response is not strictly greater than the {@link RegisteredCredential#getSignatureCount()
332- * stored signature counter value}.
338+ * succeed only if the {@link AuthenticatorData#getSignatureCounter() signature counter value} in
339+ * the response is strictly greater than the {@link RegisteredCredential#getSignatureCount()
340+ * stored signature counter value}, or if both counters are exactly zero .
333341 *
334342 * <p>The default is <code>true</code>.
335343 */
@@ -558,6 +566,14 @@ public RelyingPartyBuilder credentialRepository(CredentialRepository credentialR
558566 * The extension input to set for the <code>appid</code> extension when initiating
559567 * authentication operations.
560568 *
569+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
570+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
571+ * needed for new registrations, even of U2F authenticators.
572+ *
573+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
574+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
575+ * needed for new registrations, even of U2F authenticators.
576+ *
561577 * <p>If this member is set, {@link #startAssertion(StartAssertionOptions) startAssertion} will
562578 * automatically set the <code>appid</code> extension input, and {@link
563579 * #finishAssertion(FinishAssertionOptions) finishAssertion} will adjust its verification logic
@@ -579,6 +595,14 @@ public RelyingPartyBuilder appId(@NonNull Optional<AppId> appId) {
579595 * The extension input to set for the <code>appid</code> extension when initiating
580596 * authentication operations.
581597 *
598+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
599+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
600+ * needed for new registrations, even of U2F authenticators.
601+ *
602+ * <p>You do not need this extension if you have not previously supported U2F. Its purpose is to
603+ * make already-registered U2F credentials forward-compatible with the WebAuthn API. It is not
604+ * needed for new registrations, even of U2F authenticators.
605+ *
582606 * <p>If this member is set, {@link #startAssertion(StartAssertionOptions) startAssertion} will
583607 * automatically set the <code>appid</code> extension input, and {@link
584608 * #finishAssertion(FinishAssertionOptions) finishAssertion} will adjust its verification logic
0 commit comments