W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2019

Re: how to handle multiple domains

From: David Waite <dwaite@pingidentity.com>
Date: Wed, 24 Apr 2019 21:30:08 -0600
Message-ID: <CA+3kW=b-p4iJuMtX2U=A=wvb4O39dAzjLoPLZaH-g3MV969r+Q@mail.gmail.com>
To: Marius Scurtescu <marius.scurtescu@coinbase.com>
Cc: Emil Lundberg <emil@yubico.com>, public-webauthn@w3.org
On Wed, Apr 24, 2019 at 3:55 PM Marius Scurtescu <
marius.scurtescu@coinbase.com> wrote:

> Thanks for confirming Emil.
>
> David, yes, federation is one solution but it does not cover all use
> cases. One use case is prompting for a second factor before sensitive
> operations, a full page redirect to the IdP might not be the desired UX.
>

This may wind up being related to some of the needs the Web Payment group
have. There was previous talk about the effect of Web Authn within an
iFrame.


> And yes, Android already supports something like you describe. You have to
> include the Android app in the asset links file with the right relationship
> type. Not sure if iOS has anything similar yet.
>

iOS doesn't have any exposed Web Authentication or other authenticator
functionality yet, so no :) They do have password credential sharing with
Safari based on the same metadata mechanism as universal links.

-DW

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._
Received on Thursday, 25 April 2019 03:30:43 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:04 UTC