- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 03 May 2019 20:28:41 +0000
- To: public-webauthn@w3.org
> all domain names that resolve to 127.0.0.1 should have the same RP ID That would mean that processing Webauthn requests depends on doing DNS resolution. And the DNS resolution at what time? At the time of the request? What if a network attacker changes the result after page load? At the time of loading? But loading doesn't have to involve DNS at all. I fear that is unworkable. -- GitHub Notification of comment by agl Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1204#issuecomment-489229683 using your GitHub account
Received on Friday, 3 May 2019 20:28:42 UTC