- From: gmandyam via GitHub <sysbot+gh@w3.org>
- Date: Thu, 18 Apr 2019 20:48:22 +0000
- To: public-webauthn@w3.org
@equalsJeffH Would have to see the text proposal, but bear in mind that secure context does not necessarily mean the webpage was retrieved via a TLS connection. For instance, https://www.w3.org/TR/secure-contexts/#localhost has a 127.0.0.1 carve-out that in my experience browser vendors have honored with respect to other API's requiring secure contexts (e.g. Encrypted Media Extensions). Rather than try to paraphrase what a secure context actually means in the Webauthn intro, I would consider adding a reference to how the UA should determine if a webpage corresponds to a secure context: https://www.w3.org/TR/secure-contexts/#algorithms -- GitHub Notification of comment by gmandyam Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1201#issuecomment-484684656 using your GitHub account
Received on Thursday, 18 April 2019 20:48:24 UTC