[webauthn] new commits pushed by emlun

The following commits were just pushed by emlun to https://github.com/w3c/webauthn:

* Update index.bs

Biometric Selection Criteria extension
  by gmandyam
https://github.com/w3c/webauthn/commit/d77acb349d8d216c44333c227bd9eddbe32f9ea4

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/adf287058fa34827e0668d127e995ee96a23eddb

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/834062e5dc9046b08ceb6587758763f3475d6abc

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/82e0e41cc3f88efce5e33dbdc66858fc9eba7e9c

* Add UV parameter to getAssertion operation
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1c1a111f018b0321f6d508c8db2c703533ef70b9

* Fix indentation
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1d2d0e5c25d1c26b07d871a20e76f5d5d414be95

* Always require UP or UV for authenticator operations
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/48226c7aa5a9d167a8d78970916390415b3d98c2

* Make requireUserVerification enum instead of Boolean
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/d0b43a66dc4c8b40a77970beda160f8ddffcb7db

* Improve formulation of UP/UV requirement in authenticator operations
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/ef015fa96e93bb1a1f64b7a6718c40cc0695efa6

* Remove duplicated error return instruction
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/81f94455bf8ce41207b8ba4771f788101a6be0ec

* Add dfn links to occurences of "user consent"
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/76d6e0df5d589ea4f005aa2f25c5d7c44d20b0c0

* Move UserVerificationRequirement to supporting data structures
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/af7da2de7c6cd71b32f5d0e875317b6dd89fbff0

* Remove authenticatorSelection from get() options and pass UV parameter standalone

It's just confusing to send the whole `AuthenticatorSelectionCriteria`
structure but ignore of forbid 2 of the 3 members. If those additional
parameters should be added in the future, that will probably be a
breaking change anyway.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/330552ff0e2f88e664494ef71b4e278f32cfe8fa

* Fix reference to |rpEntity| and |userEntity| in authenticatorGetAssertion
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/20e5a52d28bc089d3c5b504ede37d39cda99f2d5

* Fix typo
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/dbca08d39510c52d6cb9695aebebc997a135285a

* Remove redundant "if present" from requireUserVerification description
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/c6f07a5ac214f661c79aaf49b9e42bf2e27aa7ac

* Change requireUserVerification default to "wanted"
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/7a134d5a8fa83beacde02eacef5bd6f25b9c3dac

* Rename UserVerificationRequirement."wanted" to "preferred"
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/148a04032d2f61d05233b19e4ee393c2b93c6db8

* Rename UserVerificationRequirement."not-wanted" to "discouraged"
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/e08368c217dcdc83fd51be5d569c9f852c85e2ea

* Make UP and UV independent again
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/9a3e24b09fc2c7bffa200131d7ef3bf70335f946

* Merge branch 'master' into issue-644
  by JeffH
https://github.com/w3c/webauthn/commit/bae7b0564f135b29d8b71bd20df349224a313b22

* Format |userVerification| decisions as switches
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/fc2c7b8ad29eadef42ec379c4e410aaa5820f0a1

* Address review comments on minor wordings
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/78431f5efd90b59be2bdc2f3c8ea934618fe7ded

* Address review comments on code style
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/4c7d6f6da3369b4abf034427a236a6416d3714dd

* Fix list numbering accidentally broken by fc2c7b8
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/a2c99a513ad0b38c9d2cca60951d0384cd51f2e0

* Make authenticatorMakeCredential always use UV if possible
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b689825eb7d98e3a1284382ba6dd82be287b6eb4

* Remove redundant check of support for requireUserVerification
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b897592aecebd0fc723954e78d703c6025333078

* merge from master & fix conflicts
  by JeffH
https://github.com/w3c/webauthn/commit/f271306def3dbd9bc9e249d49c9c94ce4d72d717

* Fix broken variable member references
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/14d08ce5e223bb4312550a3d75763305d193f1ae

* Fix instructions for UV in authenticatorGetAssertion
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/6eeaa4d6cc5433d33eb5550528365acb45339b10

* Fix a reference to the wrong requireUserVerification member
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b59da77c0a50680e49b4b3716df1710cb196acd3

* Rename PublicKeyCredentialRequestOptions.requireUserVerification to userVerification
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b245b72221568403cb197270bfd4715ed5098869

* Fix #404 - Add a Security Consideration for Cryptographic Challenges
  by J.C. Jones
https://github.com/w3c/webauthn/commit/21f5886f77d0a50c427beb64315275eb2b41d4da

* Resolve #292 - Clarify that only one operation is permitted per authenticator session
  by J.C. Jones
https://github.com/w3c/webauthn/commit/abf8afea9183450ce2175e976c6d23216c46e2da

* Merge branch 'master' into issue-644
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/8ee7f25dc622742bd4003b2a615f167e9c68c800

* Review updates
  by J.C. Jones
https://github.com/w3c/webauthn/commit/28657152284a74519b4ae60c1c22b985ec4fb21d

* Review updates
  by J.C. Jones
https://github.com/w3c/webauthn/commit/f496efac6ce2e84692e1bc1d42e6453ba90e2584

* Update per @equalsJeffH comments
  by J.C. Jones
https://github.com/w3c/webauthn/commit/66f094f134f7c20d3cfd9f54d3f11deb7146764e

* Merge branch 'master' into issue-644
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/8d261e9c57d700fbcb4ef97f08ea0979da45d9e7

* Revert "Make authenticatorMakeCredential always use UV if possible"

This reverts commit b689825eb7d98e3a1284382ba6dd82be287b6eb4.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/4a8f028c85a260cdcd41b1fd07dcd2f73cb4a6f6

* Remove duplicated UV step from authenticatorMakeCredential
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/0380327385bab3e3b477d975d1d0b9711fb554c2

* Move UserVerificationRequirement subsection to last in its section

To avoid changing the number of all the other subsections...
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/a51550386b9ab422d0ff1c895487fe23afa8135f

* Address editorial review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/2969b37b04e8ea3d977020b30170cb32e8e1cf45

* Merge pull request #681 from jcjones/404-challanges

Fix #404 - Add a Security Consideration for Cryptographic Challenges
  by J.C. Jones
https://github.com/w3c/webauthn/commit/45541f918a8c43fe2d5c5a7ef2eb4adc508bc513

* Merge pull request #673 from jcjones/292-operations_in_flight

Resolve #292 - Clarify that only one operation is permitted per authenticator session
  by J.C. Jones
https://github.com/w3c/webauthn/commit/b8656455896b3eb888653e464786cfc921ac1492

* Don't always require UV for first factor authenticatorGetAssertion

This requirement isn't compatible with the current CTAP2 draft.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/ba242b9d5f7ea2b3534618d4d31890d5f993ae56

* Align authenticator operations' UP/UV behaviour with CTAP2
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/7f831e3c7ebf669041c6413acc8005c3efa0eb8b

* more consistency: add Get name to section 5.1.4
  by rlin1
https://github.com/w3c/webauthn/commit/46d6c51d7908a0f879c32586d3a09a4ccf1ee903

* Fix plural
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/ea30a3319ac43765d8eef605fc49cbe66568f165

* Prompt for credential selection only if more than one eligible

Per review comment by @rlin1.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/3d352c7c29c86bb94fe9fa001edff8865dd4b58d

* Use Infra list terms in authenticatorGetAssertion
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f6358cf71495e8e2a388dc86d3b465683a5317ad

* Use Infra list terms in authenticatorGetAssertion
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/05f4b23cda33c8bf7c162652583bc0fd91127331

* Add RSASSA-PKCS1-v1_5 w/ SHA1 for TPM attestations and correct TPM signing/verification text (#690)
  by Mike Jones
https://github.com/w3c/webauthn/commit/3985dd18d2d6c1d54dae21c78d255314f4354095

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/8d0c61f05a4ebc8c4aa4f211ec5485db58ab37f6

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/14672723a1577508c0a5ef42c0aabedc40789e80

* Merge pull request #672 from w3c/issue-644

Fix #644: Add UV parameter to getAssertion
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/e51726412fd0cc25ed49be2d301be86d58296f04

* Fix references to |authenticatorSelection| members in step ยง5.1.3.18
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/705e3d8ac02d86482398a2530b46b552222d47f2

* Merge branch 'master' into issue-692
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/7b5b19555d7fb44db145a5ddb1c3383a2fa00bcb

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/90f0476b0a8da42324b50cafcb159588fecac3ef

* Merge pull request #696 from w3c/issue-692

Fix issue #692
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/311d50fd96a95c2cee934430227f9aa0d11c2f35

* fix comments in pre blocks and other linking errors (#697)

* remove comments from <pre> blocks

* add missing close div tag in #storeCredential

* fix warning wrt  var usage in authenticatorMakeCredential input params

* fix 'challenge' linking error
  by =JeffH
https://github.com/w3c/webauthn/commit/cc943646ae5e63c69907578bd5a2c2daae700ba9

* build on Adding a choice for RP to express preferences for attestation types (#693)

* Adding a choice for RP to express preferences for attestation types

Adding a choice for RP to express preferences for attestation types. "low-cost" means don't bother the user to get the attestation, don't do a network roundtrip, etc., even if that means that we won't end up with a meaningful attestation (i.e., even if we only get self-attestation). "verifiable" means that the RP wants a verifiable attestation, even if that means that the user agent needs to connect to the Privacy CA, collect user consent, wait for ECDAA signatures to finish, etc.

* Update index.bs

* Update index.bs

* Added a third option

And changed "low-cost" to "none".

* adding client processing rules...

...for the attestation preferences.

* typo

* typos

* PR 636: rename several items and remove prescriptive wording about UI.

* Addressing akshayku's comments on previous change.

* attestationPresentationPreference -> attestationConveyancePreference

* refine/polich switch stmt

* more refining

* refining AttestationConveyancePreference section

* polish AttestationConveyancePreference section, plus make BS happy

* add issue

* make BS happy

* polish

* need to define 'blinding'

* editorial polish

* fix up MakePublicKeyCredentialOptions.attestation description, remove line-ending blanks

* make BS happy - no comments in <pre> blocks, define attestation conveyance

* adapt commit 825cce7 language

* move attestation conveyance \<dfn>

* address jyasskin comments, thx!
  by =JeffH
https://github.com/w3c/webauthn/commit/81fdc9a301f02e2324945cf9cbe05245e69c6a29

* Resolve #698 - Rename requireUserVerification (#699)

* Resolve #698 - Rename requireUserVerification

* Rename userVerification to userVerificationRequirement

* Add missing |options|.{{authenticatorSelection}} prefix

* Add missing <code/> wrapper

* Remove extraneous </code> end tag

* Revert "Rename userVerification to userVerificationRequirement"

This reverts commit 4d774ddd542abac5d30682e4380b2d93cbe663a7.
  by J.C. Jones
https://github.com/w3c/webauthn/commit/416732ec746d3d2efde237dbc3a072e02d1b3857

* fix #700 & #701: add same origin with ancestors param (#702)

* fix #700 add sameOriginWithAncestors parameter to internal methods, improve #701

* fix #701 [[Create]] and [[DiscoverFromExternalSource]] references have inconsistent parameter lists

* address jcjones' comments, thx!

* fix missing '(' problem

* make xrefs to credman Origin Confusion nicer

* fix 'var used only once' warning

* fix cut'n'paste error, thx emlun!

* editorial: normalize argument exposition across internal methods

* fix another sloppiness instance

* add ref to Note wrt leveraging Feature Policy spec in future

* minor edit

* further wordsmithing
  by =JeffH
https://github.com/w3c/webauthn/commit/2f0b13e0afa13081e2cf62f09267e119196b8952

* Resolve linking errors for WD-07 publication (#703)

* fix proper subset tweak

* resolve linking error for AttestationNotPrivateError

* resolve linking error: idl ref not found for [[DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors)

* remove unnecessary commits

* accept jeff suggestion
  by Angelo Liao
https://github.com/w3c/webauthn/commit/5e63e5780a531a1cf8cf0e9f9e9b55507982bc9f

* revert master branch to editors' draft status
  by JeffH
https://github.com/w3c/webauthn/commit/12f2d09a437489e69b0c482e664642bae32586bd

* Merge branch 'master' into master4
  by J.C. Jones
https://github.com/w3c/webauthn/commit/8ea9c78342438e3cc02ed2f5aabe65a821139c8e

* Merge branch 'master' into master4
  by J.C. Jones
https://github.com/w3c/webauthn/commit/a4fe0faf249c37d2fb39eb05bb805c45fe420d9e

* Merge pull request #695 from gmandyam/master4

CDDL description of location extension
  by gmandyam
https://github.com/w3c/webauthn/commit/33ac796035b250d29ddf056ac044319825128104

* Add formal links to PublicKeyCredentialDescriptor description (#719)

This resolves #716.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/8ea5208a01c5993149077e86ef697d20f43e058f

* Change id -> ID (#722)
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/0d52835299a025a114007dcb22bf5cf15b504c32

* Fix issue #685 (#686)

See https://github.com/w3c/webauthn/issues/685
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/269144c764db7818c9d149bd08e82c83c2906d74

* Specify that SHA-256 is used for hashing the client data. (#710)

Approved on today's WG call
  by Adam Langley
https://github.com/w3c/webauthn/commit/6734b92a8831b37c423e973d81624e89b6e20179

* Don't say user handle is optional in Public Key Credential Source definition (#721)

This resolves #720.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/986d6275555e1b9cdd58dc1fcb6df306979e3e9c

* Add note on why authenticator attachment ise used only in create() (#708)
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f780ca85a74f664bea4890bd1111a6e97b1099f0

* Correct Android Key attestation verification procedure. Fixes #599. (#717)
  by Arnar Birgisson
https://github.com/w3c/webauthn/commit/8f349fefbba8326f493e7bfeb4150c961daaba53

* Updated editors and acknowledgements (#726)

Updated editors and acknowledgements and added contributors section
  by Mike Jones
https://github.com/w3c/webauthn/commit/758115fa641e92234485369b1129741b6fde533d

* fix broken {{PublicKeyCredentialEntity/id}} links to be {{PublicKeyCredentialRpEntity/id}} (#728)
  by =JeffH
https://github.com/w3c/webauthn/commit/9a7eba85fb463531382e36605119475182f6d4f6

* fix 711 identifier internal slot contains credID (#729)
  by =JeffH
https://github.com/w3c/webauthn/commit/06af8bc949948fe4d7554f0bd59d942dc1430593

* Added John Bradley to Acknowledgements
  by Mike Jones
https://github.com/w3c/webauthn/commit/99baccf8be8abf78607e4a86bad809189ec71863

* move the credentialId uniqueness handling to the formal alg steps.  (#709)

* move the credentialId uniqueness handling to the formal alg steps. Close #579

* be more precise about what ceremony we mean
  by Rolf Lindemann
https://github.com/w3c/webauthn/commit/a6c0da2f14924a52cd20d94f38012848b15db1b6

* Merge branch 'master' into issue-184
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/73b9e4fb9e6a1cd4cce6448c34cfa1e54d0d6179

* Move getAssertion privacy considerations to Security Considerations
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1214398f9724889be48f011176db26325c2259b8

* Move normative language from priv-cons into algorithms
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/38e2c4fc25f5622d3a28152951471b15cc81e875

Received on Monday, 25 December 2017 21:54:58 UTC