- From: Levi via GitHub <sysbot+gh@w3.org>
- Date: Tue, 16 Jul 2024 22:54:48 +0000
- To: public-webauthn@w3.org
Hello, I have some feedback regarding the minimum supported limit of five origins.
Amazon appears to have at least 17 TLDs that serve customers (rather than redirect customers to .com). Authentication occurs without redirecting to the `.com` origin. Should Amazon adopt related origins and somehow overcome the issue of prior passkey registrations on a localized TLD, they would be constrained by the five origin limit. Perhaps a limit of 20 would be more appropriate?
Here's the list I processed:
```
ae,ca,co.jp,co.uk,com,com.au,de,eg,es,fr,in,it,nl,pl,sa,se,sg
```
There may be more `co.{cctld}` and similar `com.{cctld}` that I missed.
I have no affiliation with Amazon. They just seemed to be an interesting use case for this specification change.
--
GitHub Notification of comment by LeviSchuck
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2040#issuecomment-2231949884 using your GitHub account
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 16 July 2024 22:54:49 UTC