- From: 李林哲 via GitHub <sysbot+gh@w3.org>
- Date: Wed, 13 Sep 2023 15:43:18 +0000
- To: public-webauthn@w3.org
> @slayercat that link from Chrome specifically says: > > > Chrome will stop allowing WebAuthn requests on websites with **TLS certificate errors** > > If the self-signed certificate is trusted by the browser (e.g. installed), you will not get a certificate error. Thank you for your response. Yes, you are absolutely right. Whether it's deploying domains, modifying hosts files, issuing certificates, or trusting certificates for internal sites, regardless of whether they are self-signed certificates or not, for large IT companies, these processes are well-established, especially with the assistance of Microsoft Windows domain controllers. However, on the other hand, for small and medium-sized enterprises, deploying domains or modifying hosts for each endpoint, issuing certificates, and trusting them can pose certain challenges. Each business product that wants to use WebAuthn would require related processes, and not all out-of-the-box devices, such as firewalls, have the capability to modify certificates. The internet doesn't have as many complexities in this regard. But governing the internal network of an enterprise will present some challenges for the adoption of WebAuthn in this scenario. I believe there are many who can relate to this, and we hope that WebAuthn continues to improve until the day when someone starts considering enterprise users on intranets, especially those of small and medium-sized enterprises. -- GitHub Notification of comment by slayercat Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1358#issuecomment-1717883597 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 13 September 2023 15:43:21 UTC