Frederik Krogsdal Jacobsen

icon indicating a website link fkj.github.io

icon company @Criipto icon location Copenhagen, Denmark

Results 6 comments of Frederik Krogsdal Jacobsen

Switch from a cookie to credential management

If there is a FedCM credential (an `IdentityCredential`) available for the email account, I don't see why it couldn't be used as an alternative to a cookie/WebAuthn credential. @stefan2904 Using...

Issuer check failures?

For the third case, wouldn't just failing immediately be the correct choice for the "people" since they are not logged in to an account with that email? The whole point...

Add display metadata to the CredentialResponse

After doing pilot testing we have run into a similar problem with the UX. For end users it is difficult to successfully select the correct credential instance when they have...

Add display metadata to the CredentialResponse

My understanding of the proposed mechanism is that sending a `credential_metadata` object in the Credential Response would override the definitions in the Credential Issuer Metadata. As I see it, that...

Proof of email existence and spam

I had some similar concerns when discussing this at IIW, but I eventually became convinced that this does not change anything from the RP's perspective. Nothing is stopping sites from...

AS Mix-Up Attack on IAE

As discussed on the WG meeting yesterday, this should be reconsidered for 1.1. I think the proposed mitigations (wallet attestation and/or `iss`) are still enough with the current text. A...