- From: Adam Powers via GitHub <sysbot+gh@w3.org>
- Date: Wed, 18 Jul 2018 00:12:57 +0000
- To: public-webauthn@w3.org
apowers313 has just created a new issue for https://github.com/w3c/webauthn: == Revise same-origin as ancestor requirements == Picking up where we left off on w3c/webappsec-credential-management#3 and related to #873 and #911... There is a need by some relying parties to be able to use WebAuthn in child browsing contexts (e.g. - iframes, child windows, etc.). Currently WebAuthn [requires](https://w3c.github.io/webauthn/#getAssertion) `sameOriginWithAncestors` which prevents these use cases. @equalsJeffH had put together an [initial proposal](https://docs.google.com/presentation/d/1sK9hhI0y25iioyLGMKwdhtpe-sVRV7Ln4pMHR2JXApw/edit) on how this might work and presented it during a meeting and we didn't hear anyone complain. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1001 using your GitHub account
Received on Wednesday, 18 July 2018 00:13:01 UTC