public-webauthn@w3.org from June 2018 by subject

06/06/2018 W3C Web Authentication WG Meeting Agenda

06/13/2018 W3C Web Authentication WG Meeting Agenda

06/20/2018 W3C Web Authentication WG Meeting Agenda

06/27/2018 W3C Web Authentication WG Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 01ad24: Change listing heading from "Extension type" to "O...

[w3c/webauthn] 045e92: Unnecessary to specify extension validity

[w3c/webauthn] 0a2da2: Built by Travis-CI: 4fd5dd5d5c642ba3756edb3eece3aa...

[w3c/webauthn] 0b658b: PerCredentialSignatureCounters

[w3c/webauthn] 10b27b: Specify extension types in listing instead of pros...

[w3c/webauthn] 10e12d: Document prevention of attacks on privacy

[w3c/webauthn] 11cd5f: Built by Travis-CI: b0ca15fa82e531dadaba9fc49c8c7a...

[w3c/webauthn] 1429da: Built by Travis-CI: 2b5246585fe1703cf13775275dba57...

[w3c/webauthn] 165777: make it a Note

[w3c/webauthn] 1c6205: Built by Travis-CI: 4fd5dd5d5c642ba3756edb3eece3aa...

[w3c/webauthn] 1d8c9d: fix issue #932 clarify rpIdHash generation, minor ...

[w3c/webauthn] 1e0471: Delete hardline statement about trust requirement ...

[w3c/webauthn] 1e3241: Add link to "attachment modality" reference

[w3c/webauthn] 1f994b: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] 202f93: Fix initial case

[w3c/webauthn] 204da2: improve #936: existing linking lint (#944)

[w3c/webauthn] 233f4e: Built by Travis-CI: b455562d9c50af7fca0c753779d80f...

[w3c/webauthn] 258234: Remove (probably) outdated inline issue 2:

[w3c/webauthn] 26275b: Fix issue #405

[w3c/webauthn] 267419: Fix algorithm steps mistakenly swapped between cli...

[w3c/webauthn] 276d29: Built by Travis-CI: f0acd1ade1ad27bccf52e85435ae72...

[w3c/webauthn] 27ce6e: Review of PR #944 (#945)

[w3c/webauthn] 2a2e9a: Don't wait for experimental job before reporting b...

[w3c/webauthn] 2ceeb7: add domain-only rationale in two places

[w3c/webauthn] 2ecfc3: Built by Travis-CI: a68f1a9256a7d73a71e68cec7d45f2...

[w3c/webauthn] 2ef1db: Introduce WebAuthn Client Device term

[w3c/webauthn] 2f8ea5: Fix variable style

[w3c/webauthn] 33cdaf: Fix issue with |savedCredentialId| scope

[w3c/webauthn] 33d0ce: move ignored extensions admonition, thx emlun!

[w3c/webauthn] 3636bf: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] 3ec508: remove reference to 'preparation', 'enforcement' i...

[w3c/webauthn] 3f04d5: fix 364 timeout reasonable range

[w3c/webauthn] 3f3ace: Use [=client device=] term in Attachment Modality ...

[w3c/webauthn] 442771: Built by Travis-CI: d3c0757acd9f630774ce3d5ecf8d8e...

[w3c/webauthn] 4728cc: Change "does consent" to "confirms consent"

[w3c/webauthn] 488878: Built by Travis-CI: 99c552c7998b9b80a2be2a185fee1c...

[w3c/webauthn] 502dc8: Built by Travis-CI: a68f1a9256a7d73a71e68cec7d45f2...

[w3c/webauthn] 5300df: Replace <pre class="idl">s with <xmp>s

[w3c/webauthn] 54f8a9: Address most of @equalsJeffH's review comments

[w3c/webauthn] 594501: Address review comment

[w3c/webauthn] 5c04f8: Resolve inline issue 2

[w3c/webauthn] 63c71d: Add example of new device enrollment via roaming a...

[w3c/webauthn] 702249: Built by Travis-CI: a188cb7e1b13990b060994e6c63b5f...

[w3c/webauthn] 73c1a5: Built by Travis-CI: b4e3fcc9b35584bc45fd83460c5936...

[w3c/webauthn] 76f251: Replace <pre class="idl">s with <xmp>s (#949)

[w3c/webauthn] 779194: Address @equalsJeffH's review comments

[w3c/webauthn] 7958ff: shouldSHOULD

[w3c/webauthn] 79b5b0: Built by Travis-CI: f3b706b2b1a47ce53de8ebfa74fd88...

[w3c/webauthn] 828b5b: Add list of benefits RP gains from the spec

[w3c/webauthn] 82e3ff: Allow client to return NotAllowedError early if su...

[w3c/webauthn] 83ec7c: Built by Travis-CI: 2d669ded704e8adffd6e1fe981bd46...

[w3c/webauthn] 86cb4c: Built by Travis-CI: a583650f1e98abe83446fcf59d8ae8...

[w3c/webauthn] 89a372: Built by Travis-CI: 76f25149b970227fbe4960f3790719...

[w3c/webauthn] 8b6b7e: Reword definitions of |authenticators|

[w3c/webauthn] 8c47bc: Replace old <dfn>s with links

[w3c/webauthn] 8e9d45: Built by Travis-CI: cdbd4ca6eb3be6a9daf4d0ed76bcf5...

[w3c/webauthn] 900626: Specify extension type in listing instead of prose

[w3c/webauthn] 926242: re-do section references per selfissued

[w3c/webauthn] 946007: Address review comment

[w3c/webauthn] 95a95d: Built by Travis-CI: 5cc9a6ac8cd9485ea3c23b40e9d230...

[w3c/webauthn] 990b89: Address some of @equalsJeffH's review comments

[w3c/webauthn] 9a3132: Remove redundant note about non-normativity

[w3c/webauthn] 9bd9dd: Fixed example with incorrect allowCredential. Impr...

[w3c/webauthn] a11b03: Built by Travis-CI: 1d8c9d20015c1d0d373f191e33eb1a...

[w3c/webauthn] a188cb: Merging, per 27-Jun-18 working group call decision

[w3c/webauthn] a1f508: Built by Travis-CI: 1d8c9d20015c1d0d373f191e33eb1a...

[w3c/webauthn] a3d32a: Built by Travis-CI: b4e3fcc9b35584bc45fd83460c5936...

[w3c/webauthn] a3d57a: Built by Travis-CI: e243c2c7e4958d1e9cf65bf7c9c7e1...

[w3c/webauthn] a510bb: Change "human being" to "natural person" and link ...

[w3c/webauthn] a58365: ignored extn does not return a value (#967)

[w3c/webauthn] a6ab65: Mention rate limiting in UV definition

[w3c/webauthn] a6cc12: fix 866

[w3c/webauthn] a74135: address emlun's review comment

[w3c/webauthn] aa925e: Built by Travis-CI: 10b27b671d42b437f0ce1bc3050f43...

[w3c/webauthn] ab8f36: client-side normativity to SHOULD

[w3c/webauthn] abe3e7: Built by Travis-CI: a583650f1e98abe83446fcf59d8ae8...

[w3c/webauthn] ac03dd: be explicit re SHA-256

[w3c/webauthn] ad9428: fix issue #932 clarify rpIdHash generation, minor ...

[w3c/webauthn] ae36c3: Built by Travis-CI: 76f25149b970227fbe4960f3790719...

[w3c/webauthn] b136ba: Add @equalsJeffH's rewording

[w3c/webauthn] b5810b: Tone back trust assumption in authn ceremony struc...

[w3c/webauthn] b5db78: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] b609a2: Change "enrolled" to "configured"

[w3c/webauthn] b78943: Address the rest of @equalsJeffH's review comments

[w3c/webauthn] b7ac18: Update web-platform-tests URLs (#947)

[w3c/webauthn] b971c6: Always capitalize Authentication in this context

[w3c/webauthn] b9721b: Built by Travis-CI: 0f5b3a806a9f8e2ff02207fd673e13...

[w3c/webauthn] ba6d26: Fix Note:s mistakenly swapped between client opera...

[w3c/webauthn] c03ddd: Built by Travis-CI: a188cb7e1b13990b060994e6c63b5f...

[w3c/webauthn] c143aa: Add Dockerfile with Bikeshed installed (#942)

[w3c/webauthn] c54adb: tag occurances of 'verification procedure' improve...

[w3c/webauthn] c74674: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] cac5d6: add dfn of webauthn RP

[w3c/webauthn] cdbd4c: Note that the icon URL may be a data: URL (#937)

[w3c/webauthn] cfd3f4: Built by Travis-CI: 10b27b671d42b437f0ce1bc3050f43...

[w3c/webauthn] d1a49f: revise RP ID definition and Note

[w3c/webauthn] d26ecf: Re-introduce missing definitions of [cross-]platfo...

[w3c/webauthn] d6b1fb: remove some dfn tags from section headers, improve...

[w3c/webauthn] dca382: Built by Travis-CI: 2b5246585fe1703cf13775275dba57...

[w3c/webauthn] defb7b: ignored extn does not return a value

[w3c/webauthn] df81b6: Eliminate the “not-supported” option for tokenBind...

[w3c/webauthn] e243c2: revise RP ID definition and Note (#970)

[w3c/webauthn] e59a95: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] e5aad1: Built by Travis-CI: 2d669ded704e8adffd6e1fe981bd46...

[w3c/webauthn] e69bfc: employ PRECIS RFC8264 et al for 'name'-ish domstri...

[w3c/webauthn] ead943: Built by Travis-CI: cdbd4ca6eb3be6a9daf4d0ed76bcf5...

[w3c/webauthn] eb7228: add anchor to authnrMakeCred user consent step

[w3c/webauthn] eb9506: Built by Travis-CI: c143aa0c98a4b2eb66c8990e84b20b...

[w3c/webauthn] f0acd1: Per Credential Signature Counters (#935)

[w3c/webauthn] f0fdbe: Add experimental Travis build with no Bikeshed cac...

[w3c/webauthn] f55c4c: Remove mention of a timeout for isUserVerifyingPla...

[w3c/webauthn] f937d2: Fix reference to undefined [=transport=]

[w3c/webauthn] f97fb7: Address some review comments

[w3c/webauthn] f9e2c2: Built by Travis-CI: 204da2313c68f13b1baef944273349...

[w3c/webauthn] fc385a: Link Rate limiting

[w3c/webauthn] fd73fa: Clarify difference between |x5c| and |aikCert| in ...

[w3c/webauthn] febcf5: Built by Travis-CI: b7ac1867e94d6adb2c0a582f34bf21...

[webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1

[webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way

[webauthn] add 'spec roadmap' section

[webauthn] Add an “internal” AuthenticatorTransport.

[webauthn] Add clearer definition of API use cases to the spec

[webauthn] Add Dockerfile with Bikeshed installed

[webauthn] Add example of new device enrollment via roaming authenticator

[webauthn] Add experimental Travis build with no Bikeshed cache

[webauthn] Add getAuthenticatorInfo to the Authenticator Model section

[webauthn] Add two abort paths for getting an assertion

[webauthn] Added TPM verification clarifications

[webauthn] Address review comment

[webauthn] Adopt definition list markdown notation for dfn blocks

[webauthn] Allow client to return NotAllowedError early if success is impossible

[webauthn] Allow clients to stop the `get` flow when certain conditions are met

[webauthn] Allow hot-plugged authenticators?

[webauthn] AppID extension: protocol version number?

[webauthn] appid extension: value when not acted upon?

[webauthn] Ask for tests for normative changes in CONTRIBUTING.md

[webauthn] Attestation validation issues

[webauthn] Authenticator selection extension needs to define snapshotting behavior

[webauthn] bikeshed now catching existing link in master->index.bs

[webauthn] bikeshed now catching existing lint in master->index.bs

[webauthn] Candidate recommendation exit criteria

[webauthn] capitalize "must" in Note in authenticatorGetAssertion operation

[webauthn] clarify generation of rpIdHash

[webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense

[webauthn] clean up RFC2119 language again

[webauthn] cleanup: mark & structure biblio references consistently

[webauthn] Client-generated challenges

[webauthn] Closed Pull Request: Allow client to return NotAllowedError early if success is impossible

[webauthn] Closed Pull Request: Introduce WebAuthn Client Device term

[webauthn] Closed Pull Request: Merge {#sample-scenarios} section with the {#usecase} section

[webauthn] Closed Pull Request: WIP: Authenticator taxonomy

[webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices

[webauthn] credential id privacy

[webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys

[webauthn] Define meaning of "Scope"

[webauthn] Defining meaning of "Scope"

[webauthn] Display name content rules?

[webauthn] Document prevention of attacks on privacy

[webauthn] document why only "valid domain" format is allowed for "effective domain"

[webauthn] Eliminate duplicate terminology

[webauthn] Eliminate the “not-supported” option for tokenBinding.status

[webauthn] Feature-Identifier value for WebAuthn?

[webauthn] Fetch intergration for WebAuthn API

[webauthn] fix #180: do not totally lose the term "WebAuthn Relying Party"

[webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values

[webauthn] fix issue #932 clarify rpIdHash generation, minor editorial linking

[webauthn] Fixed example with incorrect allowCredential. Improved existing examples

[webauthn] further details for authenticatorCancel operation

[webauthn] Grammar error in Sec 13.1

[webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?

[webauthn] Icon format / conversion

[webauthn] ignored extn does not return a value

[webauthn] improve #936: existing linking lint

[webauthn] Improve clarity of |x5c| in packed and tpm attstmt verification procedures

[webauthn] Introduce WebAuthn Client Device term

[webauthn] introductory abort language missing from [[Get]]() section

[webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes?

[webauthn] Mention rate limiting in UV definition

[webauthn] Merge {#sample-scenarios} section with the {#usecase} section

[webauthn] Merged Pull Request: Add Dockerfile with Bikeshed installed

[webauthn] Merged Pull Request: Add example of new device enrollment via roaming authenticator

[webauthn] Merged Pull Request: Add experimental Travis build with no Bikeshed cache

[webauthn] Merged Pull Request: Address review comment

[webauthn] Merged Pull Request: Adopt definition list markdown notation for dfn blocks

[webauthn] Merged Pull Request: Correct usage of RFC 2119 keywords again

[webauthn] Merged Pull Request: Document prevention of attacks on privacy

[webauthn] Merged Pull Request: Eliminate the “not-supported” option for tokenBinding.status

[webauthn] Merged Pull Request: Finish up hot-plugging algorithm language

[webauthn] Merged Pull Request: fix issue #932 clarify rpIdHash generation, minor editorial linking

[webauthn] Merged Pull Request: Fixed example with incorrect allowCredential. Improved existing examples

[webauthn] Merged Pull Request: ignored extn does not return a value

[webauthn] Merged Pull Request: improve #936: existing linking lint

[webauthn] Merged Pull Request: Improve clarity of |x5c| in packed and tpm attstmt verification procedures

[webauthn] Merged Pull Request: Introduce WebAuthn Client Device term

[webauthn] Merged Pull Request: Mention rate limiting in UV definition

[webauthn] Merged Pull Request: Note that the icon URL may be a data: URL

[webauthn] Merged Pull Request: Per Credential Signature Counters

[webauthn] Merged Pull Request: PR #900 post-merge review changes

[webauthn] Merged Pull Request: Remove (probably) outdated inline issue 2

[webauthn] Merged Pull Request: Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable

[webauthn] Merged Pull Request: Replace <pre class="idl">s with <xmp>s

[webauthn] Merged Pull Request: Review of PR #944

[webauthn] Merged Pull Request: revise RP ID definition and Note

[webauthn] Merged Pull Request: Specify extension types in listing instead of prose

[webauthn] Merged Pull Request: Tone back trust assumption in authn ceremony structures section

[webauthn] Merged Pull Request: Trim unnecessary step from appId extension

[webauthn] Merged Pull Request: Update web-platform-tests URLs

[webauthn] Microsoft edge Webauthn APIs makecredential throws DOMException 9 (Not SupportedError)

[webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP

[webauthn] new commits pushed by agl

[webauthn] new commits pushed by akshayku

[webauthn] new commits pushed by AngeloKai

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by kpaulh

[webauthn] new commits pushed by selfissued

[webauthn] new commits pushed by WebAuthnBot

[webauthn] Note on "RP ID" is confusing

[webauthn] Note that the icon URL may be a data: URL

[webauthn] NULL or DOMException

[webauthn] Platform authenticators and key stores

[webauthn] PR #900 post-merge review changes

[webauthn] Pull Request: Add Dockerfile with Bikeshed installed

[webauthn] Pull Request: Add experimental Travis build with no Bikeshed cache

[webauthn] Pull Request: Address review comment

[webauthn] Pull Request: Allow client to return NotAllowedError early if success is impossible

[webauthn] Pull Request: Correct usage of RFC 2119 keywords again

[webauthn] Pull Request: fix #180: do not totally lose the term "WebAuthn Relying Party"

[webauthn] Pull Request: fix #493: be explicit about "same user" is verified at get() time as was verified at create() time

[webauthn] Pull Request: fix #517: add rationale wrt only "valid domain" format is allowed for "effective domain"

[webauthn] Pull Request: Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values

[webauthn] Pull Request: fix #866: clarify sentence wrt challenges

[webauthn] Pull Request: fix 364 timeout reasonable range

[webauthn] Pull Request: fix issue #932 clarify rpIdHash generation, minor editorial linking

[webauthn] Pull Request: ignored extn does not return a value

[webauthn] Pull Request: improve #936: existing linking lint

[webauthn] Pull Request: Improve clarity of |x5c| in packed and tpm attstmt verification procedures

[webauthn] Pull Request: Introduce WebAuthn Client Device term

[webauthn] Pull Request: Mention rate limiting in UV definition

[webauthn] Pull Request: Note that the icon URL may be a data: URL

[webauthn] Pull Request: Per Credential Signature Counters

[webauthn] Pull Request: PR #900 post-merge review changes

[webauthn] Pull Request: Replace <pre class="idl">s with <xmp>s

[webauthn] Pull Request: Review of PR #944

[webauthn] Pull Request: revise RP ID definition and Note

[webauthn] Pull Request: Specify extension types in listing instead of prose

[webauthn] Pull Request: Tone back trust assumption in authn ceremony structures section

[webauthn] Pull Request: Update web-platform-tests URLs

[webauthn] Pull Request: WIP: Authenticator taxonomy (replaces #842)

[webauthn] Recovering from Device Loss

[webauthn] Remove (probably) outdated inline issue 2

[webauthn] Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable

[webauthn] Replace <pre class="idl">s with <xmp>s

[webauthn] Review of PR #944

[webauthn] SafetyNet Attestation Clarifications

[webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData

[webauthn] Specify extension types in listing instead of prose

[webauthn] Tone back trust assumption in authn ceremony structures section

[webauthn] TPM section is missing TPMT_PUBLIC validation steps

[webauthn] Trim unnecessary step from appId extension

[webauthn] truncation to 64-byte upper limit doesn't mention character boundaries

[webauthn] undefined terms and terms we really ought to define

[webauthn] Unused terms

[webauthn] Update web-platform-tests URLs

[webauthn] use `<xmp>` uniformly for WebIDL fragments?

[webauthn] WebAuthn Client

[webauthn] What is FIDO client????

[webauthn] WIP: Authenticator taxonomy

[webauthn] WIP: Authenticator taxonomy (replaces #842)

Closed: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section

Closed: [webauthn] adopt definition list markdown notation for <div dfn-type="foo" dfn-for="bar"> blocks

Closed: [webauthn] Allow hot-plugged authenticators?

Closed: [webauthn] appid extension: value when not acted upon?

Closed: [webauthn] Attestation validation issues

Closed: [webauthn] clarify generation of rpIdHash

Closed: [webauthn] Clarify how a user can authenticate from multiple devices

Closed: [webauthn] clean up RFC2119 language again

Closed: [webauthn] Define meaning of "Scope"

Closed: [webauthn] Delete per RP ID Signature counters

Closed: [webauthn] Describe attacks on privacy that are allowed/prevented

Closed: [webauthn] document preventions of RP-driven de-anonymization attempts in privacy-cons

Closed: [webauthn] Fetch intergration for WebAuthn API

Closed: [webauthn] further details for authenticatorCancel operation

Closed: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?

Closed: [webauthn] Icon format / conversion

Closed: [webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes?

Closed: [webauthn] Meaning of missing tokenBinding in ClientCollectedData?

Closed: [webauthn] Microsoft edge Webauthn APIs makecredential throws DOMException 9 (Not SupportedError)

Closed: [webauthn] normalize RFC2119 language

Closed: [webauthn] Note on "RP ID" is confusing

Closed: [webauthn] Privacy section may wish to discuss recommended user-agent responses to leaks

Closed: [webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData

Closed: [webauthn] Unused terms

Closed: [webauthn] use `<xmp>` uniformly for WebIDL fragments?

Closed: [webauthn] WebAuthn Client

Closed: [webauthn] What is FIDO client????

CR boilerplate

dfn errors when building master branch

fyi: Mastercard Webauthn/FIDO2 Relying Party Reference Implementation

PR 900 review (in arrears)

Touch ID platform authenticator in Chrome

TPAC 2018 registration now open

WebAuthn/WebPayments/PSD2 Demos

who's moz folk(s) covering for J.C. ?

yesterday's minutes

Last message date: Saturday, 30 June 2018 05:04:55 UTC