Re: [webauthn] Transaction Authorization provides a simple and effective method to implement the PSD2 Dynamic Linking requirement. (#1396) from Rolf Lindemann via GitHub on 2020-04-02 (public-webauthn@w3.org from April 2020)

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Thu, 02 Apr 2020 08:22:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-607696859-1585815771-sysbot+gh@w3.org>

@equalsJeffH:
a) What exactly is the potential harm that could happen when displaying arbitrary strings?
b) Would a "framing" be sifficient, e.g. Browser displays "The website acme.com asks you to confirm the following transaction: [transaction string as provided by RP] <Reject> <Accept>?

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1396#issuecomment-607696859 using your GitHub account

Received on Thursday, 2 April 2020 08:22:55 UTC