[Openid-specs-native-apps] Fwd: Web Browser news from WWDC
Paul Madsen
paul.madsen at gmail.com
Mon Jun 15 12:50:41 UTC 2015
hey Mike, if true, you are saying the new tabs can 'do everything the
system browser does', so the only difference is UX
Im not diminishing the importance of the UX , just want to understand
what we gain
On 6/15/15 8:36 AM, Mike Varley wrote:
> I seem to recall that both iOS and Android will now allow these
> embedded web views (i.e., chrome tabs and safari web views) full
> access to the user's settings: including cookies, stored passwords,
> local storage, (device certificates as John mentioned), touchID? the
> works. And there is the improved UI experience as well, that you
> pointed out, with "back' buttons that automatically return the user to
> the calling App.
>
> MV
>
>
>
> On Jun 15, 2015, at 8:05 AM, Paul Madsen <paul.madsen at gmail.com
> <mailto:paul.madsen at gmail.com>> wrote:
>
>> John, can you expand on
>>
>> 'However it seems like we will be able to do significantly more with
>> the browser than we had been thinking.'
>>
>> As I see it, the new feature doesn't enable anything *more* other
>> than a better UX on iOS? True?
>>
>> Paul
>>
>> On 6/12/15 4:38 PM, John Bradley wrote:
>>> Have a look at 23min into this video from ADC.
>>>
>>> https://developer.apple.com/videos/wwdc/2015/?id=504
>>>
>>> This is a significant development.
>>>
>>> In talking to others from Google yesterday and today, they have
>>> introduced similar functionality in Android rolling out in
>>> approximately the same timeframe, and backwards compatible with
>>> current versions of Android.
>>>
>>> Being able to invoke a web tab without an app flip is a significant
>>> change, potentially making the TA in the browser that we have talked
>>> about the preferred option on iOS.
>>>
>>> People should look at the ACDC draft
>>> https://bitbucket.org/openid/napps/wiki/Home.
>>>
>>> It may be that NAPPS for enterprise is OAuth using a tab plus PKCE
>>> and some additional app verification logic + fido api in the browser.
>>> For SasS we may be able to use OAuth + ACDC and discovery in a tab.
>>>
>>> It looks like the tab will have access to device certificates
>>> solving some peoples issues around that.
>>>
>>> We should also be able to do accountchooser.com
>>> <http://accountchooser.com/> in the browser tab to perform account
>>> discovery.
>>>
>>> Now that the changes have landed on iOS and Android we should be
>>> good to do testing in the late summer fall.
>>>
>>> Please start the discussion on the list.
>>>
>>> I recognize that some people will still have use cases for native
>>> token agents, so I am not proposing completely eliminating that yet.
>>>
>>> However it seems like we will be able to do significantly more with
>>> the browser than we had been thinking.
>>>
>>> Regards
>>> John B.
>>>
>>>
>>>
>>> _______________________________________________
>>> Openid-specs-native-apps mailing list
>>> Openid-specs-native-apps at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-native-apps
>>
>> _______________________________________________
>> Openid-specs-native-apps mailing list
>> Openid-specs-native-apps at lists.openid.net
>> <mailto:Openid-specs-native-apps at lists.openid.net>
>> http://lists.openid.net/mailman/listinfo/openid-specs-native-apps
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-native-apps/attachments/20150615/792d5edd/attachment-0001.html>
More information about the Openid-specs-native-apps
mailing list