[webauthn] Add explicit description on what should be done in incognito/private browsing mode (#1174) from Alexei Czeskis via GitHub on 2019-03-08 (public-webauthn@w3.org from March 2019)

From: Alexei Czeskis via GitHub <sysbot+gh@w3.org>
Date: Fri, 08 Mar 2019 00:07:36 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-418572577-1552003655-sysbot+gh@w3.org>

leshi has just created a new issue for https://github.com/w3c/webauthn:

== Add explicit description on what should be done in incognito/private browsing mode ==
Web users should probably have the consistent experiences around using incognito/private browsing mode on all browsers.

This is especially relevant to platform authenticators.  As an example, Chrome on OS X integrates with Touch ID and stores state.  That state will get cleared when the user clears browser data.  This is not the case with platform authenticators provided by Windows.

Another interesting situation comes up around creating platfrom authenticator credentials in incognito.  In some browsers it will persist, in others it wouldn't.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1174 using your GitHub account

Received on Friday, 8 March 2019 00:07:37 UTC