- From: Rob Trace via GitHub <sysbot+gh@w3.org>
- Date: Mon, 19 Sep 2016 16:18:13 +0000
- To: public-webauthn@w3.org
I would agree that we should add this explicitly. Thanks!! -Rob From: Yaron Sheffer [mailto:notifications@github.com] Sent: Saturday, September 17, 2016 1:11 AM To: w3c/webauthn <webauthn@noreply.github.com> Subject: [w3c/webauthn] Location Extension and privacy (#208) 8.5: The Location Extension seems to conflict with privacy constraints in mobile operating systems, where a user can allow location information to each application. How do we allow the user to give consent to each RPID separately to access location data? @vijaybh<https://github.com/vijaybh>: Managing this is left up to the clients. Clients can strip this extension from sites that do not have permissions to location data. I suggest to add Vijay's solution explicitly, e.g.: In many cases operating systems prevent applications from accessing the user's location information. If this is the case, the client MUST NOT forward this extension to the authenticator. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub<https://github.com/w3c/webauthn/issues/208>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADqEcPcZEAI4veLsO2ZnST6c8lmRAgjsks5qq6B-gaJpZM4J_im9>. -- GitHub Notification of comment by UWDawgfan12 Please view or discuss this issue at https://github.com/w3c/webauthn/issues/208#issuecomment-248040625 using your GitHub account
Received on Monday, 19 September 2016 16:18:20 UTC