Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mmis1000
7 months ago
|
parent
|
context
|
favorite
| on:
Chrome Origin Trial: Device Bound Session Credenti...
If you read the proposal carefully. this api is used to refresh/revalidate extremely short lived cookie. not replace cookie itself. Which you can already do with webauthn
nicce
7 months ago
|
next
[–]
Maybe there is an assumption that this is easier to push through for masses because the UX is better. (no phone, no physical key required)
ximm
7 months ago
|
prev
[–]
Webauthn always requires a user presence check though.
mmis1000
7 months ago
|
parent
[–]
Seems the whole proposal exists solely because they are unwilling to add a "silence" option to webauthn. I am confused about the decision though.
https://github.com/w3c/webauthn/issues/199#issuecomment-2669...
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
