mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-22 01:35:35 +00:00
9fc9b8dcb4
In Comment 8 of Bug 1244959 [1], Brad Hill argues that instead of leaving our U2F Facet support completely half-way, that we could use the Public Suffix logic introduced into HTML for W3C Web Authentication (the method named IsRegistrableDomainSuffixOfOrEqualTo) to scope the FIDO AppID to an eTLD+1 hierarchy. This is a deviation from the FIDO specification, but doesn't break anything that currently works with our U2F implementation, and theoretically enables sites that otherwise need an external FacetID fetch which we aren't implementing. The downside to this is that it's then Firefox-specific behavior. But since this isn't a shipped feature, we have more room to experiment. As an additional bonus, it encourages U2F sites to use the upcoming Web Authentication security model, which will help them prepare to adopt the newer standard. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1244959#c8 MozReview-Commit-ID: DzNVhHT9qRL --HG-- extra : rebase_source : 262e2ddbec325e0391d346473f27ae2738490da1 |
||
|---|---|---|
| .. | ||
| tests | ||
| moz.build | ||
| U2F.cpp | ||
| U2F.h | ||
| U2FAuthenticator.h | ||
| U2FManager.cpp | ||
| U2FManager.h | ||
| U2FTransactionChild.cpp | ||
| U2FTransactionChild.h | ||
| U2FTransactionParent.cpp | ||
| U2FTransactionParent.h | ||
| U2FUtil.h | ||