Re: Intent to Migrate Device Bound Session Credentials from WICG to WebAppSec from Simone Onofri on 2024-12-13 (public-webappsec@w3.org from December 2024)

From: Simone Onofri <simone@w3.org>
Date: Fri, 13 Dec 2024 13:19:21 +0100
To: Daniel Rubery <drubery@google.com>
Cc: public-webappsec@w3.org
Message-Id: <E65D2E5C-F38A-40A5-87A3-FC2F184F8C73@w3.org>

Hi Daniel,

Thank you for the e-mail; during this time we discussed this with Mike, Dan, Team, and other Working Groups.

I want to propose two next steps:
 - Have a brief meeting with other groups that are working on credentials (e.g., Web Authentication, Federated Identity, Web Payments, WICG for Digital Credentials) to harmonize the effort
 - As per the explainer, there are Privacy Considerations. Ask for a Horizontal Review.

What do you think?

Thank you,

Simone


> On 12 Dec 2024, at 01:20, Daniel Rubery <drubery@google.com> wrote:
> 
> Hello,
> 
> As agreed in the 2024-11-20 meeting of WebAppSec (notes), we’d like to move Device Bound Session Credentials from WICG to WebAppSec. See the explainer here and the Intent to Migrate here.
> 
> Let me know what the next steps are.
> 
> Thanks,
> Dan Rubery

Received on Friday, 13 December 2024 12:19:54 UTC