W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 06 Jun 2018 17:03:47 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-395142256-1528304626-sysbot+gh@w3.org>
Yes, there's no way for the authenticator to make that validation. I agree that ", and that the RP ID is a registrable domain suffix of or is equal to the effective domain of the RP’s origin's effective domain" should be removed.

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/933#issuecomment-395142256 using your GitHub account
Received on Wednesday, 6 June 2018 17:03:51 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC