W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2018

Re: [webauthn] Tighten security scope by port

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 24 Apr 2018 09:53:58 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-383873709-1524563638-sysbot+gh@w3.org>
What is the reason to allow viewing `example.com` and `www.example.com` as the same domain, but not `example.com` and `example.com:1234`? The former two might not even resolve to the same address in DNS, but the latter two always will, right?

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/873#issuecomment-383873709 using your GitHub account
Received on Tuesday, 24 April 2018 09:54:00 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC