W3C home > Mailing lists > Public > public-payments-wg@w3.org > July 2022

Re: Re-opening discussion with WebAuthn on credential creation in an iframe

From: Stephen McGruer <smcgruer@google.com>
Date: Wed, 20 Jul 2022 06:34:37 -0400
Message-ID: <CADY3MafjwpsPJNEJ+qXjeM6HfHdh6UXbC7r3FbvRJAz57AjZ5A@mail.gmail.com>
To: Web Payments Working Group <public-payments-wg@w3.org>
Whoops, it appears that my link to the draft comment was bad. Thanks to
those that let me know. The correct link is:


On Tue, 19 Jul 2022 at 09:21, Stephen McGruer <smcgruer@google.com> wrote:

> Hi folks,
> (Sending email as the next WG meeting isn't until August 18th and so we
> cannot discuss live.)
> As you may recall, we have discussed a need in the Web Payments WG for
> WebAuthn credential creation to be available in a cross-origin iframe
> (e.g., to allow a https://bank.com iframe embedded inside of
> https://merchant.com to enroll a user during a payment flow). We've heard
> that this is useful both for SPC as well as users of 'pure' WebAuthn.
> To that end, I've drafted the comment below to re-open the discussion with
> our WebAuthn colleagues on issue 1656
> <https://github.com/w3c/webauthn/issues/1656>. I hope for the comment to
> be made with the backing of the WPWG, so please do take a look and feel
> free to give feedback.
> [Draft] WebAuthn issue to re-allow credential creation in a cross-origin
> iframe
> I leave it to the chairs how we might want to ratify support for this; I'm
> happy to wait until the August 18th sync, or perhaps we can just do it over
> email?
> Thanks,
> Stephen
> --
> smcgruer • he / him

smcgruer • he / him
Received on Wednesday, 20 July 2022 10:35:01 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 20 July 2022 10:35:03 UTC