- From: Jeffrey Yasskin via GitHub <sysbot+gh@w3.org>
- Date: Wed, 09 Aug 2017 17:52:46 +0000
- To: public-webauthn@w3.org
I think @AngeloKai's original problem is of a small organization moving from old.example.com to new.example.com. They have a trusted credential-source bound to old.example.com and need to either move it to new.example.com or create a new trusted credential-source bound to new.example.com.
1. User visits new.example.com/login.
2. User is redirected to old.example.com/move-credential
3. Server, which is shared between {old,new}.example.com, generates a capability token tied to user's identity, and redirects back to new.example.com/heres-your-credential?token=689347...
4. new.example.com/heres-your-credential?token=... generates a new credential-source and sends its public key along with the token back to the Server.
5. Server remembers the new token as trusted. The migration is complete.
--
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/458#issuecomment-321331908 using your GitHub account
Received on Wednesday, 9 August 2017 17:52:47 UTC