- From: Matthew Miller via GitHub <sysbot+gh@w3.org>
- Date: Fri, 02 Apr 2021 17:59:31 +0000
- To: public-webauthn@w3.org
Why _couldn't_ WebAuthn be used for 2FA/Passwordless/Usernameless logins for browser extensions that want to offer an additional level of access control? It's not much different than how some privacy-oriented apps offer a secondary passcode you have to enter when you open the app. I think we should consider updating the spec to enable alternative RP implementations outside of the traditional "remote server" definition of what an RP is. Use cases for the technology can come out of nowhere, as in the case of an extension developer who wants to leverage an "internal RP" that is completely contained with the extension to allow for attestations and assertions for local authentication. -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1372#issuecomment-812642460 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 2 April 2021 17:59:33 UTC