WICG/web-otp Issues

Last updated Nov 23, 2024, 5:47:31 AM UTC.

This repository doesn't have the Priority: Eventually label that's used to mark an issue as triaged without giving it an SLO. Until that's added, this summary uses heuristics to guess if each issue has been triaged.

Untriaged

Try to triage issues within . [ More Info ]

Issue Title Within SLO On maintainers' plates for Time left Time past SLO
#6 docs: Add types to the example
#16 Should OTPCredential have `transport`?
#24 Example uses "abort" property name, but it's "signal"
#25 Improving attribute definitions
#26 Editorial: dictionary members are done via options["otp"], not options.otp
#27 [[DiscoverFromExternalSource]] introduction duplicates credential management spec?
#29 Editorial: no need to alias origin to callerOrigin in [[DiscoverFromExternalSource]]
#30 Editorial: returning already terminates this algorithm
#32 Unclear connection between "Availability" section and normative requirements
#34 Ordering of transports in OTPCredentialRequestOptions not clear
#36 Editorial: [[DiscoverFromExternalSource]] uses same |options| name for two different variables
#38 security checks in [[DiscoverFromExternalSource]] don't match those described in the security section
#39 Explanation for not using "trustworthy urls" is confusing
#42 Inaccuracies in framing of "comparable APIs" in explainer
#43 The specification draft link in the README is a dead link
#46 Repo is fork
#47 [web-otp] Change transport type to be a DOMString
#52 Supported browser for WebOTP
#53 Support for web push notification as a transport mechanism
#55 Software-based OTP Applications
#59 Broken references in WebOTP API
#60 Register the `otp-credentials` in the Permissions Policy Registry
#61 This API makes it much easier to have MITM attacks over OTP token used, turning genuine token submission into a replay "attack"