how to handle multiple domains from Marius Scurtescu on 2019-04-23 (public-webauthn@w3.org from April 2019)

From: Marius Scurtescu <marius.scurtescu@coinbase.com>
Date: Tue, 23 Apr 2019 10:05:11 -0700
To: public-webauthn@w3.org
Message-ID: <CABpvcNvFLS05uEJYT1=5AxEZxCGh0Ver96_fG5EuByKnV6g3aQ@mail.gmail.com>

Trying to figure how is WebAuthn supposed to work in an environment where
there are multiple domains.

The simple case is when all have a common root domain, example.com, and web
applications are deployed at www.example.com. foo.example.com and
bar.example.com.

Is setting RPDI to example.com good enough? Any suggestions?

What about the not so simple case when there is no common root domain?

Is there a better mailing list to raise this issue?

Is there a reason why facets (or something similar) are not available for
FIDO2/WebAuthn? See:
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-appid-and-facets-v2.0-id-20180227.html
https://groups.google.com/a/fidoalliance.org/forum/#!topic/fido-dev/zP7XTnEywB4

Thanks,
Marius

Received on Wednesday, 24 April 2019 10:45:34 UTC