- From: Vijay Bharadwaj via GitHub <sysbot+gh@w3.org>
- Date: Mon, 13 Feb 2017 23:46:49 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by vijaybh to https://github.com/w3c/webauthn:

* Clean up attestation, abstract it from UA, fix TPM format, add U2F format (#321)

  * Add markup to eliminate bikeshed warnings

  * Client sends RP ID, not its hash, to authenticators

    Fixes #188

  * Make attestation opaque to client

    Puts all attestation info into a CBOR object which is opaque to client and only parsed by RP. Fixes #244. This also lays some of the groundwork for adding a U2F attestation format. I will clean up the TPM attestation section in a separate commit.

  * Specify that clientDataJSON does not need to be canonicalized

    Fixes #274

  * Many attestation and signature cleanups

    Refactor the attestation section to clean up exposition. Separated out signature verification (per format) from trust chaining (done at higher layer). Created a separate section for specifying key RP operations. Fixes #88. RP registration section defines binding of credentials to user accounts. Fixes #13. RP registration section also defines options in case of registering the same credential to different users. Fixes #12. Cleans up and completes defining the process for verifying assertions, which had already been largely done by @rlin1. Fixes #102. Completes drawing the distinction between assertion and attestation certificates. Fixes #118. Replace "client platform" with "client" in signature format section to avoid confusion. Fixes #209.

  * Fix up TPM attestation format

    Removed the TPM 1.2 parts. Rounded out the section. Fixes #226. Also clarified what certifyInfo contains. Fixes #242.

  * added missing reference FIDO-APPID

  * Proofreading fixes, finish attestation cleanup

    Fixed small wording and markdown issues. This completes the changes to make attestation opaque to UAs, which fixes #286, fixes #287, and fixes #289. It also fixes #239 by removing the homegrown algorithm identifiers and specifying the algorithm explicitly in attestation data using JWK identifiers. It also fixes #240 by encoding keys in CBOR which specifies lengths of fields.

  * Add U2F attestation format

    Fixes #214

  * Add reference for U2F message formats

  * lex

  * Implement Rolf's naming suggestions

    Clearly differentiate attestation statements and attestation objects.

  * Rename attestationStatement back to just attestation

    This is now the only use of "attestation" so we might as well save bytes in the authenticator.

  * Tweak wording and naming of CBOR fields

  * Editorial tweaks for wording consistency

  * first draft of attestation structure figure added

  * added attestation data to attstn structs diagram

  * moved structures names to avoid confusion

  * resized attstn structs figure, added fig to section #cred-attestation

  * Fix bikeshed linking error

  * Editorial revisions

    Thanks to @equalsJeffH for the detailed review. Remaining items: Refactor signature format section, possibly rename fields for brevity, add CDDL/ABNF, fix U2F attestation issues.

  * Fix interface/member confusion

    Thanks to @equalsJeffH for spotting this.

  * Fix linking error

  * Clean up exposition

    Separate out verification of assertion and attestation signatures, removing redundant steps. Broke up signature format section and moved the pieces to the appropriate places.

  * Use CDDL to define attestation and extension structures

    Fixes #318

  * fix CDDL marker for packed attestation

  * Clean up attestation CDDL

    Consistent naming across types, stricter specification. Fixes #332 by removing the bad text.

  by Vijay Bharadwaj
  https://github.com/w3c/webauthn/commit/85db884771c13f7c540db3a58b925cfb73695cac
Received on Monday, 13 February 2017 23:46:55 UTC