- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Wed, 03 Apr 2019 18:00:35 +0000
- To: public-webauthn@w3.org
wrt @agl's [comment above](https://github.com/w3c/webauthn/issues/911#issuecomment-470718913) Yes wrt [Permissions](https://w3c.github.io/permissions/), tho this general "how to safely orchestrate cross-origin + iframe webauthn usage" topic, along with the potentially enabling technologies ([feature policy](https://w3c.github.io/webappsec-feature-policy/), [permissions](https://w3c.github.io/permissions/), [digital asset links](https://developers.google.com/digital-asset-links/), et al), is complex (cf. the [original post](https://github.com/w3c/webauthn/issues/911#issue-323420798)). I expect that we have more investigation to do here wrt feature policy vs permissions and such before deciding on a particular solution approach. -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/911#issuecomment-479596069 using your GitHub account
Received on Wednesday, 3 April 2019 18:00:40 UTC