Re: [webauthn] How long the relying party should maintain the challenge and related information? (#1848)

I too recently grappled with this situation and eventually decided to use one global challenge per web session, unbounded by time, that is "consumed" when one (of potentially several) conditional sessions actually completes. I consider this a very imperfect solution, but I found it to be the least bad of the options I considered.

Unless it's too late, I would suggest changing/amending conditional mediation to a two-stage process, where a call is made back into the website script when a user *actually* decides to interact with the conditional mediation session, at which time a challenge can be fetched from the server. Just my two cents.

-- 
GitHub Notification of comment by dolda2000
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1848#issuecomment-1436235885 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 20 February 2023 02:53:19 UTC