- From: Adam Rice via GitHub <sysbot+gh@w3.org>
- Date: Fri, 28 Mar 2025 21:21:05 +0000
- To: public-webauthn@w3.org
> Sites do this now using cookies, but this would make that problem somewhat worse because users who have manually cleared their cookies might still have the existence of a sign-in credential apparent to the site through this mechanism. It's also an issue because of sync. I sync my personal browser profile between home and work, so they have access to the same credentials, but there are some sites I only log into at home. If I happen to access the same site at work, I don't particularly want it knowing that it knows me. This could maybe be addressed by having some record of sites I have logged into that is intentionally not synced between machines. This would be consistent with how cookies work now, so maybe not too surprising? -- GitHub Notification of comment by ricea Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2228#issuecomment-2762554007 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 28 March 2025 21:21:06 UTC