w3c · emlun · Dec 10, 2025
diff --git a/index.bs b/index.bs
@@ -7538,7 +7538,14 @@ but also cannot be deleted by the client since the [=authenticator data=] is sig
 : Authenticator extension input / output
 :: [=prf|This extension=] is abstract over the authenticator implementation,
     using either the [[FIDO-CTAP]] `hmac-secret` extension or an unspecified interface for communication between the client and authenticator.
-    It thus does not specify a CBOR interface for inputs and outputs.
+    It thus does not specify a CBOR interface for inputs and outputs, except for the following requirement:
+
+    - [=Authenticator extension outputs=] MUST NOT contain cleartext PRF outputs.
+
+        Note: This is because the [=authenticator data=] is signed,
+        so authenticator extension outputs cannot be omitted in case the {{PublicKeyCredential}} needs to be sent to the [=[RP]=] server.
+        This is important for use cases where PRF outputs should remain private to the client side,
+        such as using PRF outputs to derive encryption keys.
 
 : Authenticator extension processing
 :: [=Authenticators=] that support the [[FIDO-CTAP]] `hmac-secret` extension implement authenticator processing as defined in that extension.