Re: [webauthn] Consider allowing cross-domain credential use (#1372)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Wed, 12 Feb 2020 00:43:07 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-584948893-1581468186-sysbot+gh@w3.org>
> > Alternatives in this field require browser redirects or iframes that access both a.com (for authentication) and then perform federated SSO to b.com. This is an undesirable user experience in many cases.
> 
> I'm curious in what cases would the iframe UX be undesirable or insufficient.

There are enterprise examples where network partitioning makes only b.com (and not a.com) accessible from the browser at a particular point in time.

There are consumer examples where b.com does not want to expose redirects to a.com all the way back to the browser - b.com wants to control the UX at all times. This latter example is similar to the requirement Dirk discussed regarding payments processing at a PSP (not wanting any redirect to the customer's bank). 

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1372#issuecomment-584948893 using your GitHub account
Received on Wednesday, 12 February 2020 00:43:19 UTC