Re: [webauthn] Cross origin authentication without iframes (#1667)

Apparently the Payment WG are considering an alternative approach:
In the _preliminary_ schedule under the privacy moniker, you find:

<b>Instrument selection managed by the browser (Adrian Hope-Bailie). Display, selection, storage</b>

Properly implemented such a solution does not share PII with _untrusted third parties_ (merchants) in addition to offering a consistent (standardized!) payment provider/network independent UX.  No modifications to WebAuthn would be needed either since the payment application runs at a higher privilege level than ordinary Web code.

GitHub Notification of comment by cyberphone
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Tuesday, 19 October 2021 04:17:05 UTC