Comments (1)
asr-enid
commented on August 28, 2024
Adding to this, the sharded / directed e-mail claim feature requires clarification in general (the privacy goal is clear) (https://code.sgo.to/WebID/#directed-basic-profile)
- given RPs use e-mail addresses to communicate out-of-band with users, who is responsible for generating the addresses and proxying these messages?
- It seems hardly achievable to build a proper setup for this without the IdP supporting this type of directed e-mail natively including the e-mail proxy/forwarding features (as @davidben mentions, user won't be interested / or recognise these directed e-mails)
- making this a mandatory requirement is a really high bar in terms of effort for IDPs, more so because they might not all be e-mail service providers themselves.
- Even if the IdP would be willing to support it, it would be hard to achieve if the IdP is not also in direct control of the top-level e-mail domain (security consideration, address conflicts, ....). They could off course use a dedicated proxy domain only for that purpose, but that seems way beyond the idea of just changing a JS-side integration.
- There seems to be a lot to consider to make this happen, given the e-mail is used for a lot of scenarios specifically also account recovery etc.
from fedcm.
Related Issues (20)
- Autoreauthentication does not work with "silent" mediation value HOT 1
- What is disclosure_text_shown?
- Should getUserInfo() be under IdentityProvider? HOT 1
- Authorizing non-profile oauth scopes HOT 23
- Support for SAML HOT 2
- Need help understanding how the IdP knows what accounts a User Agent is logged in to HOT 2
- The reason we need an ID that isn't just `[RP, IDP]` is that a user could login to a site with multiple accounts. If I sign in as `dan.example` and `dan.other_site` from the same IDP, we need to differentiate those credentials.
- WebDriver capability might have an invalid name HOT 2
- Erroneous link to JSON object in automation section of spec
- Users may be confused after showing intent to sign in but the sign-in is failed HOT 16
- Thành công
- Does client_id need IdP to assign one to each device of each user? HOT 9
- localhost flag needed for testing HOT 20
- Should clearing IDP state also clear RP state?
- Should getUserInfo() use an IdentityProviderConfig?
- Feature request: allow disconnecting accounts HOT 12
- Feature request: provide developers more visibility of auto re-authentication HOT 3
- Validate urls once the config fetch occurs
- FedCM vs Storage Access API use case HOT 14
- ReadMe HowTo link 404 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fedcm.