public-webauthn@w3.org from April 2018 by subject

04/04/2018 W3C Web Authentication WG Meeting Agenda

04/11/2018 W3C Web Authentication WG Meeting Agenda

04/18/2018 W3C Web Authentication WG Meeting Agenda -CANCELLED

04/25/2018 W3C Web Authentication WG Meeting Agenda

[IANA #1050064] General Request for Assignment (cose)

[w3c/webauthn]

[w3c/webauthn] 0bc2ee: Extract cross-spec ref for RFC8152 Secion 7

[w3c/webauthn] 241a56: UVI modification with CDDL

[w3c/webauthn] 2a23a1: Revert "Obfuscate Safetynet nonce"

[w3c/webauthn] 2c97d4: "with string-valued keys" => "whose keys are strin...

[w3c/webauthn] 2dabcf: Fix |authData| -> |aData|

[w3c/webauthn] 37e89f: Obfuscate Safetynet nonce

[w3c/webauthn] 387f4a: Built by Travis-CI: 98ff314ae403b84863add51fd81768...

[w3c/webauthn] 425afc: Address @equalsJeffH's review comments

[w3c/webauthn] 60146e: Add recommendation of minimum challenge length

[w3c/webauthn] 610048: Obfuscate Safetynet nonce

[w3c/webauthn] 63c71d: Add example of new device enrollment via roaming a...

[w3c/webauthn] 65e393: Clarify that authentication use case example requi...

[w3c/webauthn] 68d8cb: Fix reference to U2F user public key format

[w3c/webauthn] 6d5aa3: Address review comments by @kieun (#832)

[w3c/webauthn] 7a484d: Built by Travis-CI: 2a23a11ceb500b594324085338a0fe...

[w3c/webauthn] 7c9479: Obfuscate Safetynet nonce

[w3c/webauthn] 88bb9a: Extract section 6.1.2. FIDO U2F signature format c...

[w3c/webauthn] 8f8a59: Built by Travis-CI: b84d9cb9dd1fb80ac000de0bf3e92e...

[w3c/webauthn] 98ff31: fix-855-add-link-to-CR (#856)

[w3c/webauthn] a46247: Always verify UP bit in RP ops

[w3c/webauthn] aabdf8: Built by Travis-CI: b9af923897efecaf2f85558748ee3f...

[w3c/webauthn] b14932: Built by Travis-CI: 6d5aa3e58d23a710b8756289c63bc0...

[w3c/webauthn] b84d9c: Emphasise that the CollectedClientData can be exte...

[w3c/webauthn] b9af92: Add recommendation of challenge length (#858)

[w3c/webauthn] c0fc95: Add link to security consideration from makeCreden...

[w3c/webauthn] cb84e0: Fix reference to U2F user public key format

[w3c/webauthn] ccfd83: Add example of new device enrollment via roaming a...

[w3c/webauthn] dc46ca: Built by Travis-CI: 263fe9357f6c335b4d491605dc67d0...

[w3c/webauthn] e2c124: Add missing description of PublicKeyCredentialDesc...

[w3c/webauthn] e36ee7: Clarify that authentication use case example requi...

[w3c/webauthn] e49263: draft-jones-webauthn-cose-algorithms

[w3c/webauthn] f14f12: Obfuscate Safetynet nonce (#869)

[w3c/webauthn] f234d4: Fix grammar

[w3c/webauthn] f76b22: Built by Travis-CI: 7c94792da69919fb1e7bef88954a68...

[webauthn] Add example of new device enrollment via roaming authenticator

[webauthn] Add missing description of PublicKeyCredentialDescriptor.transports

[webauthn] Add recommendation of challenge length

[webauthn] Add RP conformance section on ignoring attestation

[webauthn] Address review comments by @kieun

[webauthn] Allow client to refuse too short challenges

[webauthn] assertionChallenge recommendations

[webauthn] AttestationResponse vs AssertionResponse

[webauthn] Authenticators that do not recognize any handles shouldn't just be dropped on the floor

[webauthn] Clarify byte size requirements for UVI

[webauthn] Clarify examples: 1.1.1. Registration / 1.1.2. Authentication

[webauthn] Clarify how a user can authenticate from multiple devices

[webauthn] Clarify the U2F Attestation format to have a single certificate

[webauthn] Clarify U2F attestation verification

[webauthn] cleanup: interstital blank line

[webauthn] cleanup: mark & structure biblio references consistently

[webauthn] Closed Pull Request: Allow client to refuse too short challenges

[webauthn] CTAP alignment: Authenticator ops UP option

[webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys

[webauthn] Delete per RP ID Signature counters

[webauthn] Description of CollectedClientData is outdated

[webauthn] Does it require a JavaScript library?

[webauthn] Eliminate duplicate terminology

[webauthn] Fix #848: Weirdness in RP UP verification

[webauthn] Fixed incorrect field size that makes all letters to overlap each other

[webauthn] Grammar error in Sec 13.1

[webauthn] Include an AuthenticatorTransport when creating a new credential.

[webauthn] Merged Pull Request: Add recommendation of challenge length

[webauthn] Merged Pull Request: Address review comments by @kieun

[webauthn] Merged Pull Request: Emphasise that the CollectedClientData can be extended.

[webauthn] Merged Pull Request: fix 855: add link to CR

[webauthn] Merged Pull Request: Obfuscate Safetynet nonce

[webauthn] Merged Pull Request: UVI modification with CDDL

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by gmandyam

[webauthn] new commits pushed by jcjones

[webauthn] new commits pushed by leshi

[webauthn] new commits pushed by WebAuthnBot

[webauthn] NULL or DOMException

[webauthn] Obfuscate Safetynet nonce

[webauthn] Portability of private keys

[webauthn] Privacy across OS accounts

[webauthn] Propose procedure for adding to attestation/extension registry

[webauthn] Pull Request: Add example of new device enrollment via roaming authenticator

[webauthn] Pull Request: Add missing description of PublicKeyCredentialDescriptor.transports

[webauthn] Pull Request: Add recommendation of challenge length

[webauthn] Pull Request: Allow client to refuse too short challenges

[webauthn] Pull Request: Change "with string-valued keys" to "whose keys are strings"

[webauthn] Pull Request: Clarify that authentication use case example requires pairing the phone first

[webauthn] Pull Request: Clarify U2F attestation verification instructions

[webauthn] Pull Request: Clean up cross-spec refs in PR #861

[webauthn] Pull Request: Fix #593 - Refer to RFC 8266 for RP-controlled UI strings

[webauthn] Pull Request: Fixed example with incorrect allowCredential. Improved existing examples

[webauthn] Pull Request: Fixed incorrect field size that makes all letters to overlap each other

[webauthn] Pull Request: Include an AuthenticatorTransport when creating a new credential.

[webauthn] Pull Request: Obfuscate Safetynet nonce

[webauthn] Return the employed AuthenticatorTransport when creating a new credential

[webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData

[webauthn] The RS1 IANA COSE Algorithm registration doesn't match the value in the spec

[webauthn] Tighten security scope by port

[webauthn] undefined terms

[webauthn] Use |authData| instead of |aData| and |adata| in RP assertion verification operation

[webauthn] UVI modification with CDDL

[webauthn] What is the point of `allowCredentials`?

[webauthn] WIP: Authenticator taxonomy

Closed: [webauthn] Add CR link to the editor's draft

Closed: [webauthn] assertionChallenge recommendations

Closed: [webauthn] AttestationResponse vs AssertionResponse

Closed: [webauthn] Clarify byte size requirements for UVI

Closed: [webauthn] CTAP alignment: Authenticator ops UP option

Closed: [webauthn] Does it require a JavaScript library?

Closed: [webauthn] Need to fix abort operation example

Closed: [webauthn] Obfuscate Safetynet nonce

Closed: [webauthn] Portability of private keys

Demonstrating Payment authentication

Meeting Canceled Re: 04/04/2018 W3C Web Authentication WG Meeting Agenda

PR #829 reviewed

PR #849 reviewed

Press Release: FIDO Alliance and W3C Achieve Major Standards Milestone in Global Effort Towards Simpler, Stronger Authentication on the Web

Recovering from Device Loss in WebAuthn

Web Authentication Working Group Teleconference 25 Apr 2018

WebEx issue today

Last message date: Monday, 30 April 2018 23:08:41 UTC