- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 09 May 2018 16:36:41 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by emlun to https://github.com/w3c/webauthn:
* Fix issue with |savedCredentialId| scope
This fixes one of the inline issues in the spec.
Since the value of the |savedCredentialId| variable depends on the
credentials contained in each |authenticator|, a single global
|savedCredentialId| variable is not sufficient. Therefore a map of
|authenticator|s to |savedCredentialId|s is used instead.
by Emil Lundberg
https://github.com/w3c/webauthn/commit/33cdaf1da2f0384266cc852f8fe8c3db49be7722
* Reformulate "lifetime of |lifetimeTimer|" as "until |lifetimeTimer| expires"
by Emil Lundberg
https://github.com/w3c/webauthn/commit/e124cd769b561a8938fbed8e9964b3d0e20a2d7e
* Merge "for each authenticator" algorithm step into "while timer not expired" step
This merges the previous step 19 of makeCredential in as a switch case
of step 20, and the previous step 18 of getAssertion in as a switch case
of step 19. This way there is only one step in each algorithm that tries
to express things to do asynchronously for the duration of the timer.
The inline `Issue:`s mentioning underspecified behaviour are replaced
with descriptions of an abstract "set of presently available
authenticators" and `Note:`s indicating that this is intentionally
underspecified and meant to represent different connection and discovery
mechanisms all in one.
This also swaps the order of the previous steps 17 ("Start
|lifetimeTimer|.") and 18 ("Let |issuedRequests| be a new ordered set")
of makeCredential, for consistency with getAssertion and so that the
step "Start |lifetimeTimer|." immediately precedes the step "While
|lifetimeTimer| has not expired [...]".
by Emil Lundberg
https://github.com/w3c/webauthn/commit/56fd4467d5ff256fb391423bb35740dbce041853
Received on Wednesday, 9 May 2018 16:36:46 UTC