public-webauthn@w3.org from September 2018 by subject

09/05/2018 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Tuesday, 4 September)

09/12/2018 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Tuesday, 11 September)

09/19/2018 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Wednesday, 19 September)

[EXTERNAL] Re: Call for Consensus - Web Authentication specification

• Giridhar Mandyam (Wednesday, 5 September)

[w3c/webauthn]

• GitHub (Thursday, 20 September)
• GitHub (Thursday, 20 September)
• GitHub (Thursday, 20 September)
• GitHub (Thursday, 20 September)
• GitHub (Wednesday, 19 September)
• GitHub (Wednesday, 19 September)
• GitHub (Tuesday, 18 September)
• GitHub (Tuesday, 18 September)
• GitHub (Tuesday, 18 September)
• GitHub (Tuesday, 18 September)
• GitHub (Wednesday, 12 September)
• GitHub (Wednesday, 12 September)
• GitHub (Wednesday, 12 September)
• GitHub (Wednesday, 12 September)
• GitHub (Tuesday, 11 September)
• GitHub (Tuesday, 11 September)
• GitHub (Wednesday, 5 September)
• GitHub (Tuesday, 4 September)

[w3c/webauthn] 02daac: Built by Travis-CI: 9d497577d8fdc272c626efc2583628...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] 0686f5: Reword the Note: in User Handle a bit

• GitHub (Tuesday, 4 September)

[w3c/webauthn] 07ca17: Built by Travis-CI: db351cdea0e4e3efb9adb9b35c1ff1...

• GitHub (Tuesday, 11 September)

[w3c/webauthn] 09a81c: Fix typo

• GitHub (Thursday, 20 September)

[w3c/webauthn] 0b217c: Built by Travis-CI: 398016e36c8a3a925be918ca3807d2...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] 0ff9ee: Built by Travis-CI: 802613e829023466784acad62c4633...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 1679de: Issue #294 - Add a non-normative comment about sna...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 16c4c1: Built by Travis-CI: 5bdcae469479554be47a368cb22adb...

• GitHub (Tuesday, 11 September)

[w3c/webauthn] 175d9f: Clarify user identification in RP assertion verifi...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 19e76a: update token binding citation

• GitHub (Wednesday, 26 September)

[w3c/webauthn] 1aedd4: Built by Travis-CI: db351cdea0e4e3efb9adb9b35c1ff1...

• GitHub (Tuesday, 11 September)

[w3c/webauthn] 2056fe: Code of Conduct

• GitHub (Wednesday, 26 September)

[w3c/webauthn] 24d91f: Built by Travis-CI: 661a8575fb3156134d64ecdc56208d...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 28f321: fix: defelopers -> developers (#1067)

• GitHub (Tuesday, 18 September)

[w3c/webauthn] 29bbee: Un-revert change from 8e5f2e0 reverted in daf9522 ...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 2af689: Fix #1076 - Don't confuse extension optionality in...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 327af5: Un-revert change from 8e5f2e0 reverted in daf9522

• GitHub (Thursday, 20 September)

[w3c/webauthn] 38ef98: remove Note, thx emlun ;)

• GitHub (Tuesday, 18 September)

[w3c/webauthn] 397187: Add Credential Loss and Key Mobility section to se...

• GitHub (Wednesday, 5 September)

[w3c/webauthn] 398016: Add Credential Loss and Key Mobility section to se...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] 426512: enumerate supported attstn types for packed attstn...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] 435225: Add missing commas

• GitHub (Monday, 10 September)

[w3c/webauthn] 46b133: Built by Travis-CI: 16fee7b5c951ab1bacbd84fe280d88...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 494d57: Define "bound" for credentials and use the term "s...

• GitHub (Monday, 10 September)

[w3c/webauthn] 4d5a9e: clarify relation of user handle as value of 'user....

• GitHub (Wednesday, 12 September)

[w3c/webauthn] 4f790f: Built by Travis-CI: 06c4808ce4fdeefc4c6d6264dd6aee...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] 51fcbe: Built by Travis-CI: 29bbee1b02de1f3607df185aa0ca2e...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 529747: Fix #1068: Fix a reference to privacy consideratio...

• GitHub (Wednesday, 19 September)
• GitHub (Monday, 17 September)

[w3c/webauthn] 5517fe: Address most of @equalsJeffH's review comments

• GitHub (Monday, 17 September)

[w3c/webauthn] 5568ae: Built by Travis-CI: a6cc20dd78b480d99ab1dfa918f05e...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 5721bf: Built by Travis-CI: 76cf6dfb3ef6744c52d3796cd2569f...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 5c33b6: Add Username Enumeration section to privacy consid...

• GitHub (Wednesday, 12 September)
• GitHub (Wednesday, 12 September)
• GitHub (Tuesday, 11 September)
• GitHub (Tuesday, 11 September)

[w3c/webauthn] 5e8ce8: Built by Travis-CI: 16fee7b5c951ab1bacbd84fe280d88...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 5fee95: Built by Travis-CI: ee934de2c8524528b5228af565eb72...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 661a85: token binding ID is a client platform-specific ope...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 665733: Fix typo in figure 1

• GitHub (Tuesday, 25 September)

[w3c/webauthn] 6899e7: fix an oops

• GitHub (Monday, 10 September)

[w3c/webauthn] 693fd4: Built by Travis-CI: ee934de2c8524528b5228af565eb72...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 6a05ce: Built by Travis-CI: 661a8575fb3156134d64ecdc56208d...

• GitHub (Thursday, 20 September)

[w3c/webauthn] 6adfc5: Feedback-01

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 76cf6d: Fix typo (#1081)

• GitHub (Thursday, 20 September)

[w3c/webauthn] 77af8a: Update figure 1 to agree with figure 2 on clientDa...

• GitHub (Tuesday, 18 September)
• GitHub (Monday, 10 September)

[w3c/webauthn] 7c75d6: Adopt consistent case for section headings

• GitHub (Wednesday, 5 September)

[w3c/webauthn] 802613: Issue #1045 - Add Platform-Specific Implementation...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 80eaff: Spell out that values expressing attestation type ...

• GitHub (Tuesday, 18 September)
• GitHub (Monday, 17 September)

[w3c/webauthn] 845e92: Add missing commas

• GitHub (Monday, 10 September)

[w3c/webauthn] 89604c: Built by Travis-CI: e8ba348b5605c8a8ea1d3e6514d6c5...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 8e5f2e: Make implementation-specificness of attestn.verif....

• GitHub (Tuesday, 18 September)
• GitHub (Tuesday, 18 September)

[w3c/webauthn] 9a99d4: Fix typo

• GitHub (Monday, 10 September)

[w3c/webauthn] 9b2016: Built by Travis-CI: daf95225fc9edfe0a894c747d91b2c...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] 9d4975: fix #403: user handle - account relationship (#105...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] 9e97b5: Built by Travis-CI: b90f7f53e713a8a2cc36c8b973acd6...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] a095a9: Built by Travis-CI: 28f32160e6a6b03847d523fc6237ec...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] a7773d: Built by Travis-CI: 76cf6dfb3ef6744c52d3796cd2569f...

• GitHub (Thursday, 20 September)

[w3c/webauthn] ad1e2c: Built by Travis-CI: 426512a1d8a9d056b544e8b68a807d...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] ad6743: fix 403

• GitHub (Tuesday, 4 September)

[w3c/webauthn] af62ff: Built by Travis-CI: 28f32160e6a6b03847d523fc6237ec...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] b25408: Add links, thanks @equalsJeffH!

• GitHub (Tuesday, 18 September)

[w3c/webauthn] b8f7ac: Built by Travis-CI: 426512a1d8a9d056b544e8b68a807d...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] b90f7f: add 'spec roadmap' section (#375)

• GitHub (Wednesday, 12 September)

[w3c/webauthn] be2f5d: Built by Travis-CI: 1679de2d1c989ff6de8331d1ee4a15...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] be30a2: Add note about Basic and AttCA being indistinguish...

• GitHub (Wednesday, 19 September)
• GitHub (Tuesday, 4 September)

[w3c/webauthn] bf6a60: Built by Travis-CI: 06c4808ce4fdeefc4c6d6264dd6aee...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] c60b97: Built by Travis-CI: e8ba348b5605c8a8ea1d3e6514d6c5...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] c90bd2: Built by Travis-CI: 398016e36c8a3a925be918ca3807d2...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] cc945b: Built by Travis-CI: daf95225fc9edfe0a894c747d91b2c...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] cf07d2: update per emlun's comment, thx!

• GitHub (Wednesday, 12 September)

[w3c/webauthn] d054b3: fix misspelling

• GitHub (Tuesday, 18 September)

[w3c/webauthn] d38d12: Built by Travis-CI: 2056feede7550649ff61bdfce17d96...

• GitHub (Wednesday, 26 September)

[w3c/webauthn] d4faac: enumerate supported attstn types for packed attstn...

• GitHub (Wednesday, 12 September)

[w3c/webauthn] d7e181: fix #360

• GitHub (Thursday, 20 September)

[w3c/webauthn] daf952: Clarify use of authorization lists in Android Key ...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] dbc455: fix oopsies and try to polish

• GitHub (Monday, 10 September)

[w3c/webauthn] e29dba: Adopt consistent case for section headings

• GitHub (Tuesday, 11 September)
• GitHub (Wednesday, 5 September)

[w3c/webauthn] e320eb: use 'attacker' instead of 'user'

• GitHub (Wednesday, 5 September)
• GitHub (Wednesday, 5 September)

[w3c/webauthn] e6467a: revise Note, thx emlun!

• GitHub (Monday, 10 September)

[w3c/webauthn] e8ba34: cognitive-accessibility consideration (#1075)

• GitHub (Wednesday, 19 September)

[w3c/webauthn] e8f7a2: Built by Travis-CI: 1679de2d1c989ff6de8331d1ee4a15...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] e9f033: Built by Travis-CI: 29bbee1b02de1f3607df185aa0ca2e...

• GitHub (Thursday, 20 September)

[w3c/webauthn] ed89ef: Built by Travis-CI: 802613e829023466784acad62c4633...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] ef1fcc: Built by Travis-CI: 9d497577d8fdc272c626efc2583628...

• GitHub (Tuesday, 18 September)

[w3c/webauthn] f23c10: Built by Travis-CI: a6cc20dd78b480d99ab1dfa918f05e...

• GitHub (Wednesday, 19 September)

[w3c/webauthn] f73e78: cognitive

• GitHub (Wednesday, 19 September)

[w3c/webauthn] fd0e06: link other occurrances of 'map'

• GitHub (Wednesday, 5 September)

[webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way

• Boris Zbarsky via GitHub (Thursday, 27 September)

[webauthn] About the canonical CBOR encoding form

• Emil Lundberg via GitHub (Monday, 17 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Peter Occil via GitHub (Wednesday, 5 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Peter Occil via GitHub (Monday, 3 September)

[webauthn] Add Credential Loss and Key Mobility section to security considerations

• =JeffH via GitHub (Wednesday, 12 September)
• Anthony Nadalin via GitHub (Wednesday, 5 September)

[webauthn] Add Username Enumeration section to privacy considerations

• Emil Lundberg via GitHub (Monday, 10 September)
• Samuel Weiler via GitHub (Wednesday, 5 September)

[webauthn] Adding the way to get trust anchors for CTAP1/U2F authenticators

• Ki-Eun Shin via GitHub (Monday, 10 September)

[webauthn] address needs of various webauthn spec audiences

• =JeffH via GitHub (Tuesday, 18 September)

[webauthn] Adopt consistent case for section headings

• Emil Lundberg via GitHub (Monday, 10 September)
• Anthony Nadalin via GitHub (Wednesday, 5 September)

[webauthn] Ambiguous/wrong instructions in Android Key Attestation Statement Format verification procedure

• Arnar Birgisson via GitHub (Tuesday, 18 September)
• Anthony Nadalin via GitHub (Tuesday, 18 September)

[webauthn] Authenticator selection extension needs to define snapshotting behavior

• Boris Zbarsky via GitHub (Thursday, 27 September)
• Boris Zbarsky via GitHub (Thursday, 27 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)
• J.C. Jones via GitHub (Wednesday, 19 September)
• =JeffH via GitHub (Wednesday, 19 September)

[webauthn] Clarify use of authorization lists in Android Key Attestation

• Arnar Birgisson via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] Clarify user identification in RP assertion verification operation

• =JeffH via GitHub (Thursday, 27 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Clarify which user to authenticate if userHandle is not present

• Emil Lundberg via GitHub (Tuesday, 25 September)
• milesstoetzner via GitHub (Monday, 24 September)
• Emil Lundberg via GitHub (Monday, 24 September)
• milesstoetzner via GitHub (Monday, 24 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• milesstoetzner via GitHub (Thursday, 20 September)

[webauthn] Closed Pull Request: PR 1052 review suggestion

• Emil Lundberg via GitHub (Wednesday, 12 September)

[webauthn] cognitive

• Akshay Kumar via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] cognitive-accessibility consideration

• =JeffH via GitHub (Wednesday, 19 September)
• John Rochford via GitHub (Friday, 7 September)

[webauthn] Document wide review

• Samuel Weiler via GitHub (Wednesday, 19 September)

[webauthn] Editorial: WebAuthn or WebAuthN

• Emil Lundberg via GitHub (Wednesday, 12 September)
• Rolf Lindemann via GitHub (Wednesday, 12 September)
• Anthony Nadalin via GitHub (Wednesday, 12 September)
• Adam Langley via GitHub (Wednesday, 12 September)
• Rolf Lindemann via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Mike Jones via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Adam Powers via GitHub (Wednesday, 5 September)

[webauthn] Ensure hard-coded step references in RP ops are correct

• =JeffH via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)

[webauthn] Explain how Token Binding IDs get associated with an HTML context.

• =JeffH via GitHub (Thursday, 20 September)
• Mike Jones via GitHub (Thursday, 20 September)

[webauthn] FIDO U2F supports Attestation CA (AttCA)?

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Fix #1059: Update figure 1 to agree with figure 2 on clientDataJSON naming

• Anthony Nadalin via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Monday, 17 September)
• Anthony Nadalin via GitHub (Tuesday, 11 September)

[webauthn] Fix #1068: Fix a reference to privacy considerations

• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)

[webauthn] Fix #1076 - Don't confuse extension optionality in Sec 10

• Samuel Weiler via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• Anthony Nadalin via GitHub (Thursday, 20 September)
• Akshay Kumar via GitHub (Thursday, 20 September)

[webauthn] fix #403: user handle - account relationship

• Anthony Nadalin via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• Emil Lundberg via GitHub (Thursday, 6 September)

[webauthn] Fix typo

• Emil Lundberg via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] fix: defelopers -> developers

• Samuel Vaillant via GitHub (Friday, 14 September)

[webauthn] Highlight Basic/AttCA ambiguity in definitions and verification procedures

• Anthony Nadalin via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Anthony Nadalin via GitHub (Tuesday, 18 September)
• Anthony Nadalin via GitHub (Wednesday, 5 September)

[webauthn] Issue #1045 - Add Platform-Specific Implementation Guidance

• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Issue #294 - Add a non-normative comment about snapshotting BufferSources

• J.C. Jones via GitHub (Wednesday, 19 September)
• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Leap of Faith not only for Self and None Attestation Types

• milesstoetzner via GitHub (Friday, 28 September)

[webauthn] Merged Pull Request: add 'spec roadmap' section

• =JeffH via GitHub (Wednesday, 12 September)

[webauthn] Merged Pull Request: Add Credential Loss and Key Mobility section to security considerations

• =JeffH via GitHub (Wednesday, 12 September)

[webauthn] Merged Pull Request: Add Username Enumeration section to privacy considerations

• Emil Lundberg via GitHub (Tuesday, 11 September)

[webauthn] Merged Pull Request: Adopt consistent case for section headings

• Emil Lundberg via GitHub (Tuesday, 11 September)

[webauthn] Merged Pull Request: Clarify use of authorization lists in Android Key Attestation

• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: cognitive

• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: enumerate actual supported attstn types for packed attestation statement format

• =JeffH via GitHub (Wednesday, 12 September)

[webauthn] Merged Pull Request: Fix #1059: Update figure 1 to agree with figure 2 on clientDataJSON naming

• Emil Lundberg via GitHub (Tuesday, 18 September)

[webauthn] Merged Pull Request: Fix #1068: Fix a reference to privacy considerations

• Emil Lundberg via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: Fix #1076 - Don't confuse extension optionality in Sec 10

• jfontana via GitHub (Thursday, 20 September)

[webauthn] Merged Pull Request: fix #403: user handle - account relationship

• =JeffH via GitHub (Tuesday, 18 September)

[webauthn] Merged Pull Request: Fix typo

• J.C. Jones via GitHub (Thursday, 20 September)

[webauthn] Merged Pull Request: fix: defelopers -> developers

• =JeffH via GitHub (Tuesday, 18 September)

[webauthn] Merged Pull Request: Highlight Basic/AttCA ambiguity in definitions and verification procedures

• Emil Lundberg via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: Issue #1045 - Add Platform-Specific Implementation Guidance

• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: Issue #294 - Add a non-normative comment about snapshotting BufferSources

• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Merged Pull Request: Make implementation-specificness of attestn.verif. return values more explicit

• Emil Lundberg via GitHub (Tuesday, 18 September)

[webauthn] Merged Pull Request: note that obtaining a token binding ID is a client platform-specific operation

• Akshay Kumar via GitHub (Thursday, 20 September)

[webauthn] Merged Pull Request: Spell out that values expressing attestation type are implementation specific

• Emil Lundberg via GitHub (Tuesday, 18 September)

[webauthn] Merged Pull Request: Un-revert change from 8e5f2e0 reverted in daf9522

• Akshay Kumar via GitHub (Thursday, 20 September)

[webauthn] Merged Pull Request: use 'attacker' instead of 'user'

• Emil Lundberg via GitHub (Wednesday, 5 September)

[webauthn] Missing steps of checking pubKeyCredParams during registration step at RP server

• Ki-Eun Shin via GitHub (Monday, 10 September)

[webauthn] Mobile support

• Emil Lundberg via GitHub (Thursday, 20 September)
• Ivan Kupalov via GitHub (Thursday, 20 September)
• J.C. Jones via GitHub (Wednesday, 19 September)
• Rolf Lindemann via GitHub (Wednesday, 19 September)
• =JeffH via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)
• J.C. Jones via GitHub (Wednesday, 19 September)
• =JeffH via GitHub (Wednesday, 19 September)
• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] new commits pushed by akshayku

• Akshay Kumar via GitHub (Thursday, 20 September)
• Akshay Kumar via GitHub (Thursday, 20 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] new commits pushed by emlun

• Emil Lundberg via GitHub (Tuesday, 25 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Wednesday, 19 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Tuesday, 18 September)
• Emil Lundberg via GitHub (Monday, 17 September)
• Emil Lundberg via GitHub (Monday, 17 September)
• Emil Lundberg via GitHub (Monday, 17 September)
• Emil Lundberg via GitHub (Tuesday, 11 September)
• Emil Lundberg via GitHub (Tuesday, 11 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Emil Lundberg via GitHub (Wednesday, 5 September)
• Emil Lundberg via GitHub (Tuesday, 4 September)
• Emil Lundberg via GitHub (Tuesday, 4 September)

[webauthn] new commits pushed by equalsJeffH

• =JeffH via GitHub (Wednesday, 26 September)
• =JeffH via GitHub (Thursday, 20 September)
• =JeffH via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Tuesday, 11 September)
• =JeffH via GitHub (Monday, 10 September)
• =JeffH via GitHub (Monday, 10 September)
• =JeffH via GitHub (Monday, 10 September)
• =JeffH via GitHub (Monday, 10 September)
• =JeffH via GitHub (Wednesday, 5 September)
• =JeffH via GitHub (Tuesday, 4 September)
• =JeffH via GitHub (Tuesday, 4 September)

[webauthn] new commits pushed by jcjones

• J.C. Jones via GitHub (Thursday, 20 September)
• J.C. Jones via GitHub (Wednesday, 19 September)
• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] new commits pushed by plehegar

• Philippe Le Hegaret via GitHub (Wednesday, 26 September)

[webauthn] new commits pushed by samuelweiler

• Samuel Weiler via GitHub (Wednesday, 5 September)

[webauthn] new commits pushed by WebAuthnBot

• WebAuthnBot via GitHub (Wednesday, 26 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Thursday, 20 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Wednesday, 19 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Tuesday, 18 September)
• WebAuthnBot via GitHub (Wednesday, 12 September)
• WebAuthnBot via GitHub (Wednesday, 12 September)
• WebAuthnBot via GitHub (Wednesday, 12 September)
• WebAuthnBot via GitHub (Wednesday, 12 September)
• WebAuthnBot via GitHub (Wednesday, 12 September)
• WebAuthnBot via GitHub (Tuesday, 11 September)
• WebAuthnBot via GitHub (Tuesday, 11 September)
• WebAuthnBot via GitHub (Tuesday, 11 September)

[webauthn] new commits pushed by YubicoDemo

• jfontana via GitHub (Thursday, 20 September)

[webauthn] No way to specify transports during registration step

• Yoshikazu Nojima via GitHub (Saturday, 29 September)
• Yoshikazu Nojima via GitHub (Saturday, 29 September)

[webauthn] No way to verify requireResidentKey during registration step at RP side

• Ki-Eun Shin via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Ki-Eun Shin via GitHub (Monday, 10 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Ki-Eun Shin via GitHub (Monday, 10 September)

[webauthn] NULL or DOMException

• =JeffH via GitHub (Thursday, 20 September)
• jfontana via GitHub (Thursday, 20 September)
• Akshay Kumar via GitHub (Thursday, 20 September)
• =JeffH via GitHub (Thursday, 20 September)
• Mike Jones via GitHub (Thursday, 20 September)

[webauthn] Packed attestation statement format supports all types but None ?

• =JeffH via GitHub (Wednesday, 12 September)
• =JeffH via GitHub (Wednesday, 12 September)

[webauthn] PR 1052 review suggestion

• Emil Lundberg via GitHub (Wednesday, 12 September)

[webauthn] Pre-registration discovery for roaming authenticators

• Skyler Berg via GitHub (Monday, 17 September)

[webauthn] Provide transport information during registration.

• Adam Langley via GitHub (Friday, 21 September)
• Anthony Nadalin via GitHub (Tuesday, 18 September)
• =JeffH via GitHub (Tuesday, 18 September)
• Anthony Nadalin (Tuesday, 18 September)
• Christiaan Brand via GitHub (Tuesday, 18 September)
• Christiaan Brand via GitHub (Friday, 14 September)
• Akshay Kumar via GitHub (Wednesday, 12 September)
• Adam Langley via GitHub (Wednesday, 12 September)
• Akshay Kumar via GitHub (Tuesday, 11 September)
• Anthony Nadalin via GitHub (Tuesday, 11 September)
• Nick Doty via GitHub (Friday, 7 September)
• Emil Lundberg via GitHub (Friday, 7 September)
• Tom Ritter via GitHub (Friday, 7 September)
• Nick Doty via GitHub (Friday, 7 September)
• Anthony Nadalin via GitHub (Wednesday, 5 September)

[webauthn] Pull Request: Add Credential Loss and Key Mobility section to security considerations

• Emil Lundberg via GitHub (Wednesday, 5 September)

[webauthn] Pull Request: Adopt consistent case for section headings

• Emil Lundberg via GitHub (Wednesday, 5 September)

[webauthn] Pull Request: Clarify use of authorization lists in Android Key Attestation

• Arnar Birgisson via GitHub (Tuesday, 18 September)

[webauthn] Pull Request: Clarify user identification in RP assertion verification operation

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Pull Request: cognitive

• Akshay Kumar via GitHub (Wednesday, 19 September)

[webauthn] Pull Request: enumerate actual supported attstn types for packed attestation statement format

• =JeffH via GitHub (Wednesday, 12 September)

[webauthn] Pull Request: Fix #1059: Update figure 1 to agree with figure 2 on clientDataJSON naming

• Emil Lundberg via GitHub (Monday, 10 September)

[webauthn] Pull Request: Fix #1068: Fix a reference to privacy considerations

• Emil Lundberg via GitHub (Monday, 17 September)

[webauthn] Pull Request: Fix #1076 - Don't confuse extension optionality in Sec 10

• J.C. Jones via GitHub (Thursday, 20 September)

[webauthn] Pull Request: fix #403: user handle - account relationship

• =JeffH via GitHub (Tuesday, 4 September)

[webauthn] Pull Request: Fix typo

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Pull Request: fix: defelopers -> developers

• Samuel Vaillant via GitHub (Friday, 14 September)

[webauthn] Pull Request: Highlight Basic/AttCA ambiguity in definitions and verification procedures

• Emil Lundberg via GitHub (Tuesday, 4 September)

[webauthn] Pull Request: Issue #1045 - Add Platform-Specific Implementation Guidance

• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Pull Request: Issue #294 - Add a non-normative comment about snapshotting BufferSources

• J.C. Jones via GitHub (Wednesday, 19 September)

[webauthn] Pull Request: Issue 1084 figure typo

• Emil Lundberg via GitHub (Tuesday, 25 September)

[webauthn] Pull Request: Make implementation-specificness of attestn.verif. return values more explicit

• Emil Lundberg via GitHub (Tuesday, 18 September)

[webauthn] Pull Request: note that obtaining a token binding ID is a client platform-specific operation

• =JeffH via GitHub (Thursday, 20 September)

[webauthn] Pull Request: PR 1052 review suggestion

• Emil Lundberg via GitHub (Tuesday, 4 September)

[webauthn] Pull Request: Spell out that values expressing attestation type are implementation specific

• Emil Lundberg via GitHub (Monday, 17 September)

[webauthn] Pull Request: Un-revert change from 8e5f2e0 reverted in daf9522

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Pull Request: update token binding citation

• =JeffH via GitHub (Wednesday, 26 September)

[webauthn] Pull Request: use 'attacker' instead of 'user'

• Samuel Weiler via GitHub (Wednesday, 5 September)

[webauthn] Section 10: extensions are OPTIONAL

• J.C. Jones via GitHub (Thursday, 20 September)
• Mike Jones via GitHub (Thursday, 20 September)
• J.C. Jones via GitHub (Wednesday, 19 September)
• jfontana via GitHub (Wednesday, 19 September)
• Samuel Weiler via GitHub (Wednesday, 19 September)

[webauthn] Security threat: Username enumeration

• Samuel Weiler via GitHub (Wednesday, 5 September)

[webauthn] Spell out that values expressing attestation type are implementation specific

• Emil Lundberg via GitHub (Tuesday, 18 September)

[webauthn] Typo

• milesstoetzner via GitHub (Friday, 28 September)

[webauthn] Typo in Android SafetyNet verification procedure

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Typo in Figure 1?

• =JeffH via GitHub (Wednesday, 26 September)
• Emil Lundberg via GitHub (Tuesday, 25 September)
• Adam Powers via GitHub (Tuesday, 25 September)
• Nick Steele via GitHub (Tuesday, 25 September)
• Fuqiao Xue via GitHub (Sunday, 23 September)

[webauthn] Un-revert change from 8e5f2e0 reverted in daf9522

• Emil Lundberg via GitHub (Thursday, 20 September)

[webauthn] Unspecified CBOR encoding of high-valued integer numbers due to unspecified threshold

• Adam Langley via GitHub (Wednesday, 12 September)

[webauthn] Update Figure 1 to follow up the spec modification

• =JeffH via GitHub (Wednesday, 12 September)
• Emil Lundberg via GitHub (Monday, 10 September)
• Ki-Eun Shin via GitHub (Monday, 10 September)

[webauthn] update token binding citation

• =JeffH via GitHub (Friday, 28 September)

[webauthn] update token binding reference to ref the actual RFC

• =JeffH via GitHub (Wednesday, 26 September)

[webauthn] Verify signature first in RP operations?

• Emil Lundberg via GitHub (Wednesday, 12 September)
• Adam Langley via GitHub (Wednesday, 12 September)
• ralshammrei via GitHub (Tuesday, 11 September)
• Emil Lundberg via GitHub (Monday, 10 September)

[webauthn] Wrong Registration Ceremony Privacy Reference

• Emil Lundberg via GitHub (Monday, 17 September)
• milesstoetzner via GitHub (Monday, 17 September)

All PropRec PRs ready to merge

• Mike Jones (Monday, 17 September)

Call for Consensus - Web Authentication specification

• John Fontana (Wednesday, 5 September)
• John Fontana (Wednesday, 5 September)

Closed: [webauthn] About the canonical CBOR encoding form

• Emil Lundberg via GitHub (Wednesday, 5 September)

Closed: [webauthn] address needs of various webauthn spec audiences

• J.C. Jones via GitHub (Wednesday, 19 September)

Closed: [webauthn] Adopt consistent case for section headings

• Emil Lundberg via GitHub (Tuesday, 11 September)

Closed: [webauthn] Ambiguous/wrong instructions in Android Key Attestation Statement Format verification procedure

• Akshay Kumar via GitHub (Wednesday, 19 September)

Closed: [webauthn] Authenticator selection extension needs to define snapshotting behavior

• Akshay Kumar via GitHub (Wednesday, 19 September)

Closed: [webauthn] Clarify which user to authenticate if userHandle is not present

• milesstoetzner via GitHub (Monday, 24 September)

Closed: [webauthn] cognitive-accessibility consideration

• Akshay Kumar via GitHub (Wednesday, 19 September)

Closed: [webauthn] Document wide review

• jfontana via GitHub (Wednesday, 19 September)

Closed: [webauthn] Editorial: WebAuthn or WebAuthN

• Emil Lundberg via GitHub (Wednesday, 12 September)

Closed: [webauthn] Ensure hard-coded step references in RP ops are correct

• =JeffH via GitHub (Wednesday, 19 September)

Closed: [webauthn] Explain how Token Binding IDs get associated with an HTML context.

• Akshay Kumar via GitHub (Thursday, 20 September)

Closed: [webauthn] FIDO U2F supports Attestation CA (AttCA)?

• Akshay Kumar via GitHub (Thursday, 20 September)
• Emil Lundberg via GitHub (Wednesday, 19 September)

Closed: [webauthn] Mobile support

• J.C. Jones via GitHub (Wednesday, 19 September)

Closed: [webauthn] No way to specify transports during registration step

• Yoshikazu Nojima via GitHub (Saturday, 29 September)

Closed: [webauthn] Packed attestation statement format supports all types but None ?

• =JeffH via GitHub (Wednesday, 12 September)

Closed: [webauthn] Pre-registration discovery for roaming authenticators

• Skyler Berg via GitHub (Monday, 17 September)

Closed: [webauthn] Section 10: extensions are OPTIONAL

• jfontana via GitHub (Thursday, 20 September)

Closed: [webauthn] Security threat: Username enumeration

• Emil Lundberg via GitHub (Tuesday, 11 September)

Closed: [webauthn] some RPs may wish to allow multiple registrations to same user account

• =JeffH via GitHub (Tuesday, 18 September)

Closed: [webauthn] Typo in Android SafetyNet verification procedure

• J.C. Jones via GitHub (Thursday, 20 September)

Closed: [webauthn] Update Figure 1 to follow up the spec modification

• Emil Lundberg via GitHub (Tuesday, 18 September)

Closed: [webauthn] User agent / key management [authenticator] interoperability requirements?

• =JeffH via GitHub (Wednesday, 12 September)

Closed: [webauthn] Wrong Registration Ceremony Privacy Reference

• Emil Lundberg via GitHub (Wednesday, 19 September)

Substitute minutes of W3C Web Authn meeting 26-Sep-2018

• John Fontana (Wednesday, 26 September)
• Wendy Seltzer (Wednesday, 26 September)
• John Fontana (Wednesday, 26 September)

Summit on Recovering from Device Loss in WebAuthn

• Alex Takakuwa (Tuesday, 4 September)

TPAC 2018 - Registration fees and hotel bookings

• Alexandra Lacourba (Wednesday, 19 September)

Transition Request: Web Authentication to Proposed Recommendation

• Philippe Le Hégaret (Thursday, 27 September)
• Marcos Caceres (Wednesday, 26 September)
• Adam Powers (Wednesday, 26 September)
• Ralph Swick (Wednesday, 26 September)
• John Fontana (Friday, 21 September)

WebAuthn demo at TPAC Dev meetup?

• Christiaan Brand (Tuesday, 18 September)
• Emil Lundberg (Tuesday, 18 September)
• Marie-Claire Forgue (Tuesday, 18 September)
• Christiaan Brand (Monday, 10 September)
• Marie-Claire Forgue (Monday, 10 September)
• Emil Lundberg (Monday, 10 September)
• Christiaan Brand (Sunday, 9 September)
• John Bradley (Sunday, 9 September)
• Samuel Weiler (Thursday, 6 September)

wrt "meta pull-requests" milestone...

• J.C. Jones (Tuesday, 18 September)
• Emil Lundberg (Tuesday, 18 September)
• =JeffH (Tuesday, 18 September)

Last message date: Saturday, 29 September 2018 01:21:47 UTC