Re: [webauthn] Add `challengeUrl` (#2152) from philomathic_life via GitHub on 2024-11-06 (public-webauthn@w3.org from November 2024)

From: philomathic_life via GitHub <sysbot+gh@w3.org>
Date: Wed, 06 Nov 2024 19:48:39 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2460640574-1730922517-sysbot+gh@w3.org>

@kenrb, is there a reason HTTP POST is not used? Perhaps there is something I misunderstand in the security section, but I don't see how any of the constraints preclude the more appropriate method since [as stated](https://github.com/w3c/webauthn/issues/2152#issuecomment-2400889985), the operation is not idempotent. [You said](https://github.com/w3c/webauthn/issues/2152#issuecomment-2403373715) you would update the explainer, so I'm unsure if this is an oversight or a change in stance.

-- 
GitHub Notification of comment by zacknewman
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2152#issuecomment-2460640574 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 6 November 2024 19:48:40 UTC