Re: [webauthn] Fetch intergration for WebAuthn API from Jeffrey Yasskin via GitHub on 2017-04-05 (public-webauthn@w3.org from April 2017)

From: Jeffrey Yasskin via GitHub <sysbot+gh@w3.org>
Date: Wed, 05 Apr 2017 05:42:22 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-291760019-1491370941-sysbot+gh@w3.org>

FWIW, #384 (https://api.csswg.org/bikeshed/?url=https://raw.githubusercontent.com/battre/webauthn/cm-api-strawman/index.bs#iface-scopedcredential) doesn't propose to hide the signature from Javascript, so it doesn't need `PasswordCredential`'s Fetch involvement, just like `FederatedCredential` doesn't need it.

https://github.com/whatwg/fetch/pull/237#issuecomment-194765426 does anticipate extending Fetch for FIDO, but I suspect they didn't realize that it was safe to expose WebAuthn's response to JS.

@mikewest, do you agree with me that it'd be ok to just close this?

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/354#issuecomment-291760019 using your GitHub account

Received on Wednesday, 5 April 2017 05:42:29 UTC