- From: philomathic_life via GitHub <sysbot+gh@w3.org>
- Date: Wed, 02 Oct 2024 21:10:33 +0000
- To: public-webauthn@w3.org
> In your example, the majority case (outside of application bugs) user experience would likely be "my sign-in request is hanging so I'll try again", which would tend to result in the C1 request/response getting ignored or aborted by the client - though I suppose it could set off inappropriate some alarm bells on the RP side. I think the most likely "real" scenario—don't misconstrue this as me stating this is "likely"—is using a roaming authenticator (e.g., a USB security key). I plug the USB into my mobile device and authenticate. Before waiting for the process to complete, I unplug it and plug it into my laptop where I authenticate. For reasons already mentioned in addition to weaker resources on the phone, congested mobile network, etc., the authentication succeeds on the laptop first. Shortly after authentication finishes on the mobile device. Most users would probably wait for the process to complete before removing the authenticator mind you, but it's an example. Perhaps I am self-hosting a password manager and my laptop is on the same LAN; however my mobile device is using data slowing the connection especially since it will likely encounter multiple firewalls that my laptop bypasses. -- GitHub Notification of comment by zacknewman Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2172#issuecomment-2389702728 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 2 October 2024 21:10:33 UTC