Re: [webauthn] Add `challengeUrl` (#2152) from Nina Satragno via GitHub on 2024-09-25 (public-webauthn@w3.org from September 2024)

From: Nina Satragno via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Sep 2024 21:49:44 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-2375325006-1727300982-sysbot+gh@w3.org>

You can get away with generating client-side challenges if they're based on a timestamp. Then, they could only be replayed within the period that they're valid. If you can accept that, then it's a great option for UX.

-- 
GitHub Notification of comment by nsatragno
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2152#issuecomment-2375325006 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 25 September 2024 21:49:45 UTC