Fix PRF registration inputs referencing eval instead of salt1 and salt2

emlun · emlun · commit e75c208cae67 · 2025-06-13T15:30:14.000+02:00
diff --git a/index.bs b/index.bs
@@ -7518,8 +7518,8 @@ but also cannot be deleted by the client since the [=authenticator data=] is sig
        1. If the authenticator does not support the CTAP2 `hmac-secret` extension [[FIDO-CTAP]],
             but does support some other implementation compatible with the abstract authenticator processing defined below:
           1. Set {{AuthenticationExtensionsPRFOutputs/enabled}} to [TRUE].
-          1. If {{AuthenticationExtensionsPRFInputs/eval}} is present,
-              use some unspecified mechanism to convey {{AuthenticationExtensionsPRFInputs/eval}} to the authenticator as the inputs to evaluate the PRF on.
+          1. If |salt1| is defined, use some unspecified mechanism to convey |salt1| and,
+              if defined, |salt2| to the authenticator as PRF inputs, in that order.
           1. Use some unspecified mechanism to receive the PRF outputs from the authenticator.
               Set <code>{{AuthenticationExtensionsPRFOutputs/results}}</code> to the evaluation results, if any.
 
