mikewest has just created a new issue for https://github.com/w3c/webauthn: == `rpID` origin relaxation? == @annevk pointed out the algorithm in https://w3c.github.io/webauthn/#makeCredential which makes use of bits and pieces of `document.domain` that I would dearly love to remove from the platform. :) It doesn't look like this (or the corresponding bits of `getAssertion()`) intend to change the document's origin, but it's not clear to me what impact they do have. Is the intent to support sharing auth tokens cross-origin? If so, could you help me understand why the origin model fails to support the use cases y'all have in mind? Thanks! Please view or discuss this issue at https://github.com/w3c/webauthn/issues/338 using your GitHub accountReceived on Monday, 13 February 2017 09:44:33 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC