Re: [webauthn] Cross origin authentication without iframes (accommodating SPC in WebAuthn) (#1667) from Anders Rundgren via GitHub on 2021-11-30 (public-webauthn@w3.org from November 2021)

From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
Date: Tue, 30 Nov 2021 08:07:00 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-982380182-1638259619-sysbot+gh@w3.org>

The dependency on untrusted third-parties dealing with key handles is unique for SPC and is the result of building on authentication rather than following the industry standard, authorization.

[**W3C Pay**](https://github.com/mozilla/standards-positions/issues/570#issuecomment-972578433) does not expose key handles at all except to the issuer. 

-- 
GitHub Notification of comment by cyberphone
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1667#issuecomment-982380182 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 30 November 2021 08:07:02 UTC