Yes; the idea is to minimize the number of places one ever checks the caller's anything (especially origin). Why does this spec want to introduce a new way of doing so? It's generally a very confusing programming model for developers with some security drawbacks as well. -- GitHub Notification of comment by domenic Please view or discuss this issue at https://github.com/w3c/webauthn/issues/271#issuecomment-269571042 using your GitHub accountReceived on Thursday, 29 December 2016 02:03:10 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC