W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2017

Re: [webauthn] reconciling origin and RP ID handling

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Fri, 26 May 2017 22:55:06 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-304404229-1495839304-sysbot+gh@w3.org>
@AngeloKai said:
> I am just hoping someone can explain to me why an RP should allow credential to be relaxed to a registerable domain suffix?

please see #241 "enforce strict same-origin policy on rpid" and your comment on it before we closed it: https://github.com/w3c/webauthn/issues/241#issuecomment-264337464

see also: https://github.com/w3c/webauthn/pull/464#issuecomment-303785687

-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/464#issuecomment-304404229 using your GitHub account
Received on Friday, 26 May 2017 22:55:12 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:26 UTC