[webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced from Boris Zbarsky via GitHub on 2016-11-04 (public-webauthn@w3.org from November 2016)

From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
Date: Fri, 04 Nov 2016 18:17:08 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-187403942-1478283426-sysbot+gh@w3.org>

bzbarsky has just created a new issue for 
https://github.com/w3c/webauthn:

== The W3C HTML spec is broken, and probably shouldn't be referenced 
==
I was pretty confused by 
https://www.w3.org/TR/html51/browsers.html#relaxing-the-same-origin-restrictions
 step 7.2, as referenced from 
https://w3c.github.io/webauthn/#dom-webauthentication-makecredential 
step 3, because it's completely nonsensical: it causes the algorithm 
to _always_ throw.

Then I realized that this is the W3C version of the HTML spec, which 
has all sorts of known issues like this.  For comparison, 
https://html.spec.whatwg.org/multipage/browsers.html#relaxing-the-same-origin-restriction
 step 7.2 is correct...

Please reference the things that actually have the behavior you want.
  I guess if you have to reference W3C HTML, that makes it your 
problem to check that it has the behavior you want and push on its 
editors to fix it if it does not.

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/257 using your GitHub account

Received on Friday, 4 November 2016 18:17:14 UTC