Re: [webauthn] Add explicit description on what should be done in incognito/private browsing mode (#1174) from Adam Langley via GitHub on 2019-07-31 (public-webauthn@w3.org from July 2019)

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Wed, 31 Jul 2019 20:59:46 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-517018915-1564606785-sysbot+gh@w3.org>

From the call of 2019-07-31:

We agree the putting some language in the spec about this, and aligning user agents' behaviour, makes sense. I think that language should be non-normative because I'm worried about introducing normative language around something that has hitherto been implementation defined.

We lean towards a system of notice about the persistence of credential creation rather than one of forbidding creating credentials in private modes, or one of making credentials ephemeral.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1174#issuecomment-517018915 using your GitHub account

Received on Wednesday, 31 July 2019 20:59:47 UTC