- From: Stephen McGruer <smcgruer@google.com>
- Date: Tue, 19 Jul 2022 09:21:32 -0400
- To: Web Payments Working Group <public-payments-wg@w3.org>
Received on Tuesday, 19 July 2022 13:51:38 UTC
Hi folks, (Sending email as the next WG meeting isn't until August 18th and so we cannot discuss live.) As you may recall, we have discussed a need in the Web Payments WG for WebAuthn credential creation to be available in a cross-origin iframe (e.g., to allow a https://bank.com iframe embedded inside of https://merchant.com to enroll a user during a payment flow). We've heard that this is useful both for SPC as well as users of 'pure' WebAuthn. To that end, I've drafted the comment below to re-open the discussion with our WebAuthn colleagues on issue 1656 <https://github.com/w3c/webauthn/issues/1656>. I hope for the comment to be made with the backing of the WPWG, so please do take a look and feel free to give feedback. [Draft] WebAuthn issue to re-allow credential creation in a cross-origin iframe I leave it to the chairs how we might want to ratify support for this; I'm happy to wait until the August 18th sync, or perhaps we can just do it over email? Thanks, Stephen -- smcgruer • he / him
Received on Tuesday, 19 July 2022 13:51:38 UTC