From 848aebc79b58bb6386cfd4d0c2dd498a749551bc Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 16 Jan 2023 13:52:48 +0000
Subject: [PATCH] Minor clarifications in the docs

---
 README.md | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index a90356bc..642b7cdb 100644
--- a/README.md
+++ b/README.md
@@ -293,8 +293,10 @@ configured with the following attributes:
 The known queries are identified by name. It does not matter what operations you do as long as the queries take the expected input substitution parameters, and return rows with the expected number of
-fields (column names do not matter). You should use the parameter
-substitution symbol `?` as placeholder for query parameters.
+fields (column names do not matter). Note that the order of returned
+columns is critical, and it should match what is documented here. You
+should use the parameter substitution symbol `?` as placeholder for
+query parameters.
 * `get_user` takes a single parameter (the user name) and must return a single row with *email*, *password*, *TOTP secret* and *shard*
@@ -334,12 +336,12 @@ CREATE TABLE group_memberships (
 group_name text NOT NULL
 );
 CREATE INDEX group_memberships_idx ON group_memberships(email);
-CREATE TABLE u2f_registrations (
+CREATE TABLE webauthn_registrations (
 email text NOT NULL,
 key_handle blob NOT NULL,
 public_key blob NOT NULL
 );
-CREATE INDEX u2f_registrations_idx ON u2f_registrations(email);
+CREATE INDEX webauthn_registrations_idx ON webauthn_registrations(email);
 CREATE TABLE service_passwords (
 email text NOT NULL,
 service text NOT NULL,
@@ -348,6 +350,9 @@ CREATE TABLE service_passwords (
 CREATE INDEX service_passwords_idx ON service_passwords(email);
 ```
 
+(Note: this isn't a great schema example due to the lack of
+referential integrity, it's just useful as an example)
+
 With this schema, one could use the following configuration for a service:
@@ -361,7 +366,7 @@ services:
 queries:
 get_user: "SELECT email, password, totp_secret, shard FROM users WHERE email = ?"
 get_user_groups: "SELECT group_name FROM group_memberships WHERE email = ?"
- get_user_u2f: "SELECT public_key, key_handle FROM u2f_registrations WHERE email = ?"
+ get_user_u2f: "SELECT public_key, key_handle FROM webauthn_registrations WHERE email = ?"
 get_user_asp: "SELECT service, password FROM service_passwords WHERE email = ?"
 ```
 
-- 
GitLab