[webauthn] Add topOrigin to clientData for cross-origin GET in iframe (#1842) from Tim Cappalli via GitHub on 2023-01-25 (public-webauthn@w3.org from January 2023)

From: Tim Cappalli via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Jan 2023 16:25:29 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-1556933019-1674663927-sysbot+gh@w3.org>

timcappalli has just created a new issue for https://github.com/w3c/webauthn:

== Add topOrigin to clientData for cross-origin GET in iframe ==
This issue is to track the change discussed in the last WebAuthn call about adding the following for cross-origin GET in an frame:
- add top origin (`topOrigin`), aka what's shown to the user in the browser bar, to clientData
- Add text around how RP should process and evaluate this information
- Add text saying clients should show both the RP ID and top origin to the user during getAssertion

This will match the changes being added in #1801 for create. PR coming in the next few weeks.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1842 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 25 January 2023 16:25:31 UTC