Re: [webauthn] Add explicit description on what should be done in incognito/private browsing mode (#1174) from Akshay Kumar via GitHub on 2019-07-17 (public-webauthn@w3.org from July 2019)

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 17 Jul 2019 20:02:56 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-512547186-1563393775-sysbot+gh@w3.org>

Basic thought I had was, having different behavior in inprivate/incognito mode and regular mode gives away the knowledge of browser's operating mode to the RP. Which all browsers strive not to do that. 

Above comment was for MacOS. How about Windows/Android?

I would prefer a warning to the user saying about the implications of creating a credential in incognito/inprivate mode and allowing the creation of the credential on each browser. 

-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1174#issuecomment-512547186 using your GitHub account

Received on Wednesday, 17 July 2019 20:02:57 UTC