Re: [webauthn] restrict WebAuthentication API to only top level browsing context

I think that, for the same reasons, in today's U2F implementation that is used at Google, the registration and attestation can only be triggered by the mainframe as well.

-- 
GitHub Notification of comment by battre
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/374#issuecomment-285476214 using your GitHub account

Received on Thursday, 9 March 2017 20:39:49 UTC