[webauthn] document why only "valid domain" format is allowed for "effective domain" from =JeffH via GitHub on 2017-08-02 (public-webauthn@w3.org from August 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 02 Aug 2017 23:42:00 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-247553558-1501717318-sysbot+gh@w3.org>

equalsJeffH has just created a new issue for https://github.com/w3c/webauthn:

== document why only "valid domain" format is allowed for "effective domain" ==
the rationale is [essentially the same as for HSTS, which is documented like so](https://tools.ietf.org/html/rfc6797#appendix-A)...
```
4.     HSTS Hosts are identified only via domain names -- explicit IP
       address identification of all forms is excluded.  This is for
       simplification and also is in recognition of various issues with
       using direct IP address identification in concert with PKI-based
       security.
```


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/517 using your GitHub account

Received on Wednesday, 2 August 2017 23:42:01 UTC