standards-positions icon indicating copy to clipboard operation
standards-positions copied to clipboard
verified publisher icon WebKit

Device Bound Session Credentials

Open kmonsen opened this issue 2 years ago • 4 comments

WebKittens

No response

Title of the spec

Device Bound Session Credentials

URL to the spec

https://github.com/WICG/dbsc/

URL to the spec's repository

No response

Issue Tracker URL

No response

Explainer URL

No response

TAG Design Review URL

No response

Mozilla standards-positions issue URL

https://github.com/mozilla/standards-positions/issues/912

WebKit Bugzilla URL

No response

Radar URL

No response

Description

Device Bound Session Credentials (DBSC) aims to reduce account hijacking caused by cookie theft. It does so by introducing a protocol and browser infrastructure to maintain and prove possession of a cryptographic key.

DBSC also introduces a client based refresh mechanism where the client provides periodic auth refreshes based on server directions.

kmonsen avatar Nov 20 '23 12:11 kmonsen

@johnwilander @annevk @mikewest

Hey, have you had a chance to look at this? We would love to work with you to protect all our users.

kmonsen avatar Mar 18 '24 23:03 kmonsen