W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] credentials.get() should have optional parameters for userVerification and userPresence

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 13 Oct 2017 20:45:54 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-336562904-1507927539-sysbot+gh@w3.org>
@idamlaj Silent credential creation has been rejected before for precisely the reason you describe, but what's described here is specifically the authentication operation. Ad trackers thus won't be able to silently create credentials. There's also been talk of applying the same origin policy here as well, but I'm not sure where we currently stand on that.

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/629#issuecomment-336562904 using your GitHub account
Received on Friday, 13 October 2017 20:45:42 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC