Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358) from 李林哲 via GitHub on 2023-09-13 (public-webauthn@w3.org from September 2023)

From: 李林哲 via GitHub <sysbot+gh@w3.org>
Date: Wed, 13 Sep 2023 10:55:54 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1717403327-1694602552-sysbot+gh@w3.org>

Now, not only due to the issues pointed out by this issue, but also because Chrome [has stopped supporting](
https://lists.w3.org/Archives/Public/public-webauthn/2022Nov/0135.html#:~:text=Web%20Authentication%20WG%2C%20Starting%20on%20M110%2C%20Chrome%20will,by%20mitm%27ing%20users%20who%20may%20skip%20the%20interstitial.)   self-signed certificates for Webauthn, Webauthn has become even more challenging to adopt in this scenario.

I understand the commitment to security that the specification standards advocate for, but the applicability for enterprise users in this particular context is indeed difficult to meet with the existing standards.

Of course, this is just a complaint, and the specific implementation still depends on your decisions.



-- 
GitHub Notification of comment by slayercat
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1358#issuecomment-1717403327 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 13 September 2023 10:55:56 UTC