improved documentation, especially with regards to the extension

2020-07-09 19:06:42 +02:00
parent cc0e2bb1c3
commit 9c673844d5
4 changed files with 23 additions and 15 deletions
--- a/README.md
+++ b/README.md
@@ -104,7 +104,11 @@ a few things you can personalize:
    user verification. This helps privacy, but can make usage less comfortable
    for credentials that need less protection.
 6.  Increase the default minimum length for PINs in `ctap/storage.rs`.
-    The current minimum is 4. Values from 4 to 63 are allowed.
+    The current minimum is 4. Values from 4 to 63 are allowed. Requiring longer
+    PINs can help establish trust between users and relying parties. It makes
+    user verification harder to break, but less convenient.
+    NIST recommends 6 at least digit PINs in section 5.1.9.1:
+    https://pages.nist.gov/800-63-3/sp800-63b.html
    You can add relying parties to the list of readers of the minimum PIN length.

 ### 3D printed enclosure