- From: Joshua Zhao via GitHub <noreply@w3.org>
- Date: Tue, 07 Oct 2025 05:00:46 +0000
- To: public-webauthn@w3.org
> Unvetted extensions are not the right path as privacy and security of WebAuthn can be harmed with this approach. If people want certain functionality to be included in WebAuthn, please propose it formally so that WebAuthn WG can debate and build a consensus around it. Ideally, we should debate and build a consensus on the best solution. In reality, you need evidence to convince people and that requires experiments to collect data. Requiring practitioners to fork their browser implementations (or just set custom flags in browser settings) will never enable any meaningful experimentation beyond developers' own devices. That is the reason why such blocking behavior on the browsers or platforms is really detrimental to the advancement of FIDO. -- GitHub Notification of comment by joshzhao Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2331#issuecomment-3375208416 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 7 October 2025 05:00:47 UTC