- From: David Waite <dwaite@pingidentity.com>
- Date: Wed, 24 Apr 2019 05:18:56 -0600
- To: Emil Lundberg <emil@yubico.com>
- Cc: public-webauthn@w3.org
- Message-ID: <CA+3kW=bGEEvf8jyFQaaonwrQyak4E62wT-2UXW+S9VdmVCCx0A@mail.gmail.com>
On Wed, Apr 24, 2019 at 5:00 AM Emil Lundberg <emil@yubico.com> wrote: > > Is there a reason why facets (or something similar) are not available > > for FIDO2/WebAuthn? > > I personally don't know, but my guess is that the facet resolution logic > adds too much complexity for too little benefit. Perhaps someone else on > the list can elaborate on this decision. > I suspect that there were also identified privacy impacts, as I could set a facet to be quite far-reaching. To support multiple domain roots, you probably should use federation and SSO. My money is on a form of facets eventually coming back for non-web usage in a very limited form, not to support multiple domains but to support direct native app usage when associated with a domain (e.g iOS Universal Links, Android App Links ) -DW -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
Received on Wednesday, 24 April 2019 11:19:31 UTC