W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2021

Re: [webauthn] Remove unimplemented extensions (#1386)

From: David Waite via GitHub <sysbot+gh@w3.org>
Date: Thu, 04 Mar 2021 22:27:35 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-790989163-1614896854-sysbot+gh@w3.org>
There were no implementations to meet the interoperability requirements to publish them within the WebAuthn specification.

Furthermore, there were indications that browser and platforms would continue to _not_ support the extension - mixing system UI with consent for security/privacy release with injected dynamic contact is a recipe for user confusion.

What may be more feasible would be extensions for specific use cases without arbitrary text. For instance, a future extension might be imagined for approving financial transactions, where the request contains structured data and the authenticator or client fully controls the presentation of the request.

-- 
GitHub Notification of comment by dwaite
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1386#issuecomment-790989163 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 4 March 2021 22:27:36 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC