Is this proposal compatible with the deprecation of third-party cookies and partitioned storage? Since credentials are origin-bound, what credentials are available to a frame on origin A embedded under origin B? Reilly Grant | Software Engineer | reil...@chromium.org | Google Chrome <https://www.google.com/chrome>
On Wed, Nov 8, 2023 at 12:48 PM Stephen Mcgruer <smcgr...@chromium.org> wrote: > Contact emailssmcgr...@chromium.org > > ExplainerNone > > Specification > https://w3c.github.io/webauthn/#publickey-credentials-create-feature > > Summary > > This feature allows web developers to create WebAuthn[0] credentials (that > is, "publickey" credentials, aka passkeys) in cross-origin iframes. Two > conditions are required for this new ability: 1. The iframe has a > publickey-credentials-create-feature permission policy. 2. The iframe has > transient user activation. This will allow developers to create passkeys in > embedded scenarios, such as after an identity step-up flow where the > Relying Party is providing a federated identity experience. [0]: > https://w3c.github.io/webauthn/ > > Blink componentBlink>WebAuthentication > <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EWebAuthentication> > > > TAG reviewNone > > TAG review statusNot applicable > > Risks > > Interoperability and Compatibility > > None > > *Gecko*: No signal > > *WebKit*: No signal > > *Web developers*: No signals > > *Other signals*: > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > Debuggability > > Will be debuggable by usual devtools tooling for JavaScript. > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ?N/A (Not yet implemented) > > Flag name on chrome://flagsNone > > Finch feature nameNone > > Non-finch justificationNone > > Requires code in //chrome?False > > Estimated milestones > > No milestones specified > > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5175677674586112 > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADY3Maf7EmNUH1zYSi7DimKd5NfddYY3navNx3-ELPyeqHpPMw%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADY3Maf7EmNUH1zYSi7DimKd5NfddYY3navNx3-ELPyeqHpPMw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMb853D5Fu8ryi%2BxXGyQovHKBU72hrSxqzubOCRZTfkZFw%40mail.gmail.com.