- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Mon, 27 Feb 2017 02:42:20 +0000
- To: public-webauthn@w3.org
Well, it is not a change appropriate for [draft-ietf-tokbind-protocol](https://tools.ietf.org/html/draft-ietf-tokbind-protocol), since that spec does not delve into user agent implementation particulars (tho it does mention this use case in [section 5](https://tools.ietf.org/html/draft-ietf-tokbind-protocol-13#section-5) 2nd paragraph). We might also reference [draft-ietf-tokbind-https](https://tools.ietf.org/html/draft-ietf-tokbind-https), but it does not answer this user agent-specific question, so may not be appropriate for this spec to reference(?). In nosing around, it seems to me that, yes, we should perhaps add something to the HTML spec, and given that an [environment settings object](https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object) has an [HTTPS state value](https://fetch.spec.whatwg.org/#concept-https-state-value), perhaps we should propose adding an HTTPSProperties interface of which an attribute is the Token Binding ID (if any) for the underlying TLS connection? -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/360#issuecomment-282614608 using your GitHub account
Received on Monday, 27 February 2017 02:42:27 UTC