Re: [webauthn] WebAuthn available to Workers? aka "silent authentication" (#199) from John Bradley via GitHub on 2019-02-20 (public-webauthn@w3.org from February 2019)

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Wed, 20 Feb 2019 18:26:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-465698105-1550687210-sysbot+gh@w3.org>

To a large extent, this overlaps with token binding.   If you do a authentication with the token binding extension you can then token bind a cookie, or otherwise record the token binding ID and check the header on subsequent requests.   I understand that token binding is not available on all platforms at the moment.  However, I think that is a better way to go than creating a new method of doing super cookies.


-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/199#issuecomment-465698105 using your GitHub account

Received on Wednesday, 20 February 2019 18:26:53 UTC