Re: [webauthn] overall security considerations section or document from =JeffH via GitHub on 2017-11-29 (public-webauthn@w3.org from November 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 29 Nov 2017 17:34:14 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-347936349-1511976853-sysbot+gh@w3.org>

an [overall security considerations section](https://w3c.github.io/webauthn/#security-considerations) was recently added to the spec via PR #681.  however, IMO, to close this issue it ought to be enhanced to explain that the present web authn sec cons are incomplete, update the ref to [[FidoSecRef]]  to a newer version, and to please refer to [[FidoSecRef]] for further info.  we could/should then open another issue regarding having thorough webauthn-specific security considerations.

WDYT?


-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/322#issuecomment-347936349 using your GitHub account

Received on Wednesday, 29 November 2017 17:34:18 UTC