- From: Daniel Appelquist <notifications@github.com>
- Date: Mon, 07 Feb 2022 09:46:18 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 7 February 2022 17:46:31 UTC
Hi @ianbjacobs – it's not clear to me if the web site (or another party) would, in the context of this transaction, be privy to information about the authentication mechanisms on the client which might give them more info about the end user than the user would expect to be sharing? For example - would the web site know that a biometric dialog had been shown to the user? What if the user chose to dismiss that dialog and opt for another authentication mechanism? In other words - they click "cancel" on the dialog box below? Would the web site be able to detect that? <img width="430" alt="Screenshot 2022-02-07 at 17 40 17" src="https://user-images.githubusercontent.com/287526/152842392-22643c8f-2b9c-420e-b103-350f8ba3cd34.png"> -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/675#issuecomment-1031743097 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/675/1031743097@github.com>
Received on Monday, 7 February 2022 17:46:31 UTC