Re: [webauthn] Add example of different RP ID and AppID (#1165) from James Manger via GitHub on 2019-03-06 (public-webauthn@w3.org from March 2019)

From: James Manger via GitHub <sysbot+gh@w3.org>
Date: Wed, 06 Mar 2019 00:26:37 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-469915022-1551831996-sysbot+gh@w3.org>

Would https://accounts.example.com/appId be a better sample AppID than https://accounts.example.com?
Both might be valid, but the latter makes it awkward to serve a TrustedFacetList from that address, which is necessary to authorise mobile apps and sibling domains to share the credentials.

-- 
GitHub Notification of comment by manger
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/1165#issuecomment-469915022 using your GitHub account

Received on Wednesday, 6 March 2019 00:26:38 UTC