W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 06 Jun 2018 17:03:47 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-395142256-1528304626-sysbot+gh@w3.org> 
Yes, there's no way for the authenticator to make that validation. I agree that ", and that the RP ID is a registrable domain suffix of or is equal to the effective domain of the RP’s origin's effective domain" should be removed.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/933#issuecomment-395142256 using your GitHub account
Received on Wednesday, 6 June 2018 17:03:51 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC