Re: [webauthn] restrict WebAuthentication API to only top level browsing context

@equalsJeffH Agreed that the spec currently is doing this. It's just that I am not sure everyone in the WG, including the two other browser folks, actually know that the spec currently says this. @nadalin perhaps this is something we should bring up at the next WG call. 

In the meantime, I am fine with closing this issue and move on to discussion in the credman spec repo. Should we also open another issue in this spec repo that corresponds to the credman issue? My concern is that decisions-making in the credman repo ends up impacting the WebAuthn spec without the folks here knowing about it. I guess there's a discussion about how this workflow should work to be had. Perhaps moving the credman spec to this WG? I am not familiar with W3C process to figure out how much complexity doing this way will be. 

-- 
GitHub Notification of comment by AngeloKai
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/374#issuecomment-311757547 using your GitHub account

Received on Wednesday, 28 June 2017 19:07:24 UTC