- From: Ken Buchanan via GitHub <sysbot+gh@w3.org>
- Date: Mon, 27 Jan 2025 14:51:10 +0000
- To: public-webauthn@w3.org
FYI: @deephand has updated the explainer with some clarifications. In particular: 1. It makes it clearer that the expectation is not for sites to be able to remove other sign-in options. The idea is that users with immediately-available passkeys can be shown the passkey UI directly without having to interact with a sign-in form, while users without those would see the same sign-in options that they do without this. 2. The privacy section now provides better detail on the compromise that we are proposing. The earlier version of the explainer was not explicit on this point. This would make a change to the privacy guarantees that the WebAuthn API currently provides, and the explainer offers mitigations intended to prevent any potential abuse of that change. -- GitHub Notification of comment by kenrb Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2228#issuecomment-2615971222 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 27 January 2025 14:51:11 UTC