W3C home > Mailing lists > Public > public-webauthn@w3.org > December 2019

Re: [webauthn] Add a way to use webauthn without Javascript (#1255)

From: Ignas Kiela via GitHub <sysbot+gh@w3.org>
Date: Tue, 03 Dec 2019 08:56:05 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-561065408-1575363363-sysbot+gh@w3.org>
@equalsJeffH where could I find more info on it?

I don't think QUIC specific technology would address all the use cases. Namely Tor wouldn't be able to use it, as it doesn't support UDP that QUIC uses. Personally I don't think that authentication should be coupled with transport mechanisms, as that would prevent using it via alternative methods of transport, since not all of them might not be available. E.g. UDP is currently quite often blocked in networks. Now QUIC might change this, but it would take a while for change to happen. Thus a bizzarre situation might happen where both a server and the browser support an auth mechanism, but can't use it because something in between doesn't.

-- 
GitHub Notification of comment by ignaloidas
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1255#issuecomment-561065408 using your GitHub account
Received on Tuesday, 3 December 2019 08:56:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:09 UTC