Martin Kreichgauer

> > ...if someone is willing to push for it... > > I'll take this on. I'll try and get a draft PR up before too long, I know it'll...

> While `toJSON()` in WebIDL may be convention, I don't believe we could use the `default` implementation without changes to WebIDL or ECMAScript. > > In particular, the ask has...

> This is meant for the server, and the server already needs to work with WebAuthn binary formats as well as CBOR to handle the assertions, to handle attestations and...

Thanks for the proposal! I recently toyed with this in Chromium, and I have a couple suggestions. For the response case, wouldn't it be simpler to define a toJSON() method...

> Alternatives in this field require browser redirects or iframes that access both a.com (for authentication) and then perform federated SSO to b.com. This is an undersirable user experience in...