From 8c6827e6b9dd1dc602b0bb2aad40fab95c75118f Mon Sep 17 00:00:00 2001 From: Emil Lundberg Date: Mon, 7 Oct 2024 16:16:18 +0200 Subject: [PATCH] Add warning about sending PRF outputs to server --- index.bs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/index.bs b/index.bs index 060d1b51e..561347a69 100644 --- a/index.bs +++ b/index.bs @@ -7510,6 +7510,15 @@ Note: this extension may be implemented for [=authenticators=] that do not use [ : results :: The results of evaluating the PRF for the inputs given in {{AuthenticationExtensionsPRFInputs/eval}} or {{AuthenticationExtensionsPRFInputs/evalByCredential}}. Outputs may not be available during [=registration=]; see comments in {{AuthenticationExtensionsPRFInputs/eval}}. + + Advisement: + For some use cases, for example if PRF outputs are used to derive encryption keys to use only on the client side, + it may be necessary to omit this {{AuthenticationExtensionsPRFOutputs/results}} output + if the {{PublicKeyCredential}} is sent to a remote server, + for example to perform the procedures in [[#sctn-rp-operations]]. + Note in particular that the {{RegistrationResponseJSON}} and {{AuthenticationResponseJSON}} + returned by {{PublicKeyCredential}}.{{PublicKeyCredential/toJSON()}} + will include this {{AuthenticationExtensionsPRFOutputs/results}} output if present. ### Large blob storage extension (largeBlob) ### {#sctn-large-blob-extension}
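Review bot: The advisement says omitting the {{AuthenticationExtensionsPRFOutputs/results}} output "may be necessary" but never states why or what the caller should actually do, so the hunk reads as a hint rather than guidance. Since the text itself notes that {{PublicKeyCredential/toJSON()}} always includes `results` when present, suggest making the rationale and the action explicit in the same paragraph, e.g. "because a server receiving `results` would learn the key material intended to stay on the client, callers should delete the `results` member from the serialized {{RegistrationResponseJSON}} or {{AuthenticationResponseJSON}} before transmitting it." It would also help to say plainly that this is the caller's responsibility and that the user agent does not strip it.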