Credentials API - Issue 279 from Adrian Hope-Bailie on 2015-04-20 (public-credentials@w3.org from April 2015)

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Mon, 20 Apr 2015 11:45:15 +0200
To: W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <CA+eFz_J0AMjvsXvMRzAe7UfGOOaew5RWE7pP3+YZjye++GtEGw@mail.gmail.com>

The latest changes to the Credentials API spec have introduced the idea of
Credential Synthesis by the UA based on knowledge of the user's browsing
behavior.

I have logged this as an issue on the basis that I have concerns around
abuse by browser vendors who may favor their own (or partner) identity
providers.

https://github.com/w3c/webappsec/issues/279

Received on Monday, 20 April 2015 09:45:43 UTC