Re: [webauthn] Being able to access the same public key credentials across different domains (#1827)

Sharing the same key across domains goes against the security purposes that the spec offers. The goal of being phishing resistant and the mitigations against MITM attacks would be totally torn down.

Imagine the case where you would have a central public key for any domain.

If I as a user were to register on `www.good-website.com` and my public key went to the "blockchain", a malicious website could inject some script, use an iframe (use your imagination here) to capture the login ceremony message exchange and instead reroute the messages to a different website, e.g. `www.bad-website.com`. Given that the key is global, the attacker can now "impersonate" me on `www.bad-website.com`.

If you replace `good-website` with something like `google.com`, where I log in to get personalized content and don't pay much attention to what is happening, and `bad-website.com` with `my-bank.com`, this would be terrible, as you can imagine.

-- 
GitHub Notification of comment by pmlopes
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1827#issuecomment-1321701915 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 21 November 2022 08:43:49 UTC