Skip to content

Commit

Permalink
Update index.bs
Browse files Browse the repository at this point in the history
  • Loading branch information
abergs authored Feb 21, 2024
1 parent 5377366 commit bb1948a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion index.bs
Original file line number Diff line number Diff line change
Expand Up @@ -1344,7 +1344,7 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S
- The [=determines the set of origins on which the public key credential may be exercised|origin=]'s [=scheme=] must be `https`.
- The [=determines the set of origins on which the public key credential may be exercised|origin=]'s [=port=] is unrestricted.

For example, given a [=[RP]=] whose origin is `https://login.example.com:1337`, then the following [=RP ID=]s are valid: `login.example.com` (default) and `example.com`, but not `m.login.example.com` and not `com`. Another example of a valid origin is `http://localhost:8000`, due to the origin being `localhost`
For example, given a [=[RP]=] whose origin is `https://login.example.com:1337`, then the following [=RP ID=]s are valid: `login.example.com` (default) and `example.com`, but not `m.login.example.com` and not `com`. Another example of a valid origin is `http://localhost:8000`, due to the origin being `localhost`.

This is done in order to match the behavior of pervasively deployed ambient credentials (e.g., cookies, [[RFC6265]]).
Please note that this is a greater relaxation of "same-origin" restrictions than what
Expand Down

0 comments on commit bb1948a

Please sign in to comment.