W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2020

Re: [webauthn] Transaction Authorization provides a simple and effective method to implement the PSD2 Dynamic Linking requirement. (#1396)

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Thu, 02 Apr 2020 08:22:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-607696859-1585815771-sysbot+gh@w3.org>
@equalsJeffH:
a) What exactly is the potential harm that could happen when displaying arbitrary strings?
b) Would a "framing" be sifficient, e.g. Browser displays "The website acme.com asks you to confirm the following transaction: [transaction string as provided by RP] <Reject> <Accept>?

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1396#issuecomment-607696859 using your GitHub account
Received on Thursday, 2 April 2020 08:22:55 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:40 UTC