Re: [webauthn] WebAuthn available to Workers? aka "silent authentication" from Emil Lundberg via GitHub on 2017-11-03 (public-webauthn@w3.org from November 2017)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 Nov 2017 09:15:46 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-341652447-1509700545-sysbot+gh@w3.org>

I also think silent assertions would open up more and worse issues than it solves. I can see a case for a "keep-alive session" kind of mode where a user confirmed assertion can authorize silent assertions for a specific RP for some amount of time thereafter, but I'm opposed to "super cookie" silent assertions as @akshayku puts it.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/199#issuecomment-341652447 using your GitHub account

Received on Friday, 3 November 2017 09:15:51 UTC