W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2020

Re: [webauthn] WebAuthn and Web Payments -- Transaction Confirmation, 3DS2, SRC, etc. (#1396)

From: Adrian Hope-Bailie via GitHub <sysbot+gh@w3.org>
Date: Mon, 06 Jul 2020 08:42:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-654099345-1594024930-sysbot+gh@w3.org>
> A bigger problem is that there is no such thing as "trusted Web code" which makes WebAuthn less useful for payments than native apps.

This is not a problem. The UI displayed to the user is rendered by the client platform (i.e. trusted UI). The data that is signed is the same data displayed to the user. It doesn't matter if the code that invokes this process or handles the output is trusted.

-- 
GitHub Notification of comment by adrianhopebailie
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1396#issuecomment-654099345 using your GitHub account
Received on Monday, 6 July 2020 08:42:13 UTC

This archive was generated by hypermail 2.4.0 : Monday, 6 July 2020 08:42:13 UTC