The dependency on untrusted third-parties dealing with key handles is unique for SPC and is the result of building on authentication rather than following the industry standard, authorization. [**W3C Pay**](https://github.com/mozilla/standards-positions/issues/570#issuecomment-972578433) does not expose key handles at all except to the issuer. -- GitHub Notification of comment by cyberphone Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1667#issuecomment-982380182 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Tuesday, 30 November 2021 08:07:02 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:45 UTC