RE: RE: WebAuthn API Specification Review from Anthony Nadalin on 2016-08-17 (public-webcrypto@w3.org from August 2016)

From: Anthony Nadalin <tonynad@microsoft.com>
Date: Wed, 17 Aug 2016 15:52:13 +0000
To: Richard Schwerdtfeger <schwer@us.ibm.com>
CC: "addison@lab126.com" <addison@lab126.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>, "www-international@w3.org" <www-international@w3.org>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <DM5PR03MB24416BC03AA4D28F6A1A0160A6140@DM5PR03MB2441.namprd03.prod.outlook.com>

There are various levels of  implementations in Chrome and Edge but none at the current spec level (that I’m aware of), maybe Richard can comment on Mozilla.

From: Richard Schwerdtfeger [mailto:schwer@us.ibm.com]
Sent: Wednesday, August 17, 2016 5:26 AM
To: Anthony Nadalin <tonynad@microsoft.com>
Cc: addison@lab126.com; public-webappsec@w3.org; public-webcrypto@w3.org; www-international@w3.org; www-tag@w3.org
Subject: Re: RE: WebAuthn API Specification Review

HI Tony,

I hope you are well. It was nice to see your name again.

I understand that the spec. is not in CR yet, but can you tell me to what degree this spec. has been implemented in browsers as of today? ... what support does it currently have by browser vendors?

Thanks,
Rich

Rich Schwerdtfeger

----- Original message -----
From: Anthony Nadalin <tonynad@microsoft.com<mailto:tonynad@microsoft.com>>
To: "Phillips, Addison" <addison@lab126.com<mailto:addison@lab126.com>>, "www-international@w3.org<mailto:www-international@w3.org>" <www-international@w3.org<mailto:www-international@w3.org>>
Cc: "public-webcrypto@w3.org<mailto:public-webcrypto@w3.org>" <public-webcrypto@w3.org<mailto:public-webcrypto@w3.org>>, "public-webappsec@w3.org<mailto:public-webappsec@w3.org>" <public-webappsec@w3.org<mailto:public-webappsec@w3.org>>, "www-tag@w3.org<mailto:www-tag@w3.org>" <www-tag@w3.org<mailto:www-tag@w3.org>>
Subject: RE: WebAuthn API Specification Review
Date: Tue, Aug 16, 2016 2:37 PM

To clarify we are aiming for CR at the TPAC meeting.

From: Phillips, Addison [mailto:addison@lab126.com]
Sent: Tuesday, August 16, 2016 12:31 PM
To: Anthony Nadalin <tonynad@microsoft.com<mailto:tonynad@microsoft.com>>; www-international@w3.org<mailto:www-international@w3.org>
Cc: public-webcrypto@w3.org<mailto:public-webcrypto@w3.org>; public-webappsec@w3.org<mailto:public-webappsec@w3.org>; www-tag@w3.org<mailto:www-tag@w3.org>
Subject: RE: WebAuthn API Specification Review

Hello Anthony,

Thank you for this request. I have updated our review radar [1]. Can you please clarify by what dates you would like to receive comments? “Aiming for CR in September” is imprecise as a way for a horizontal group such as I18N to target doing reviews. If I use 1 September as a target date, we have only two weeks to read and comment on the spec, which is difficult for I18N WG to absorb without warning.

Thanks,

Addison

[1] http://w3c.github.io/i18n-activity/radar/<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fw3c.github.io%2fi18n-activity%2fradar%2f&data=01%7c01%7ctonynad%40microsoft.com%7ca9dd69cd850b4ebd514b08d3c699c22e%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=o%2bGaRUF8h2LejT2zm9x6tM%2b0wAQ%2bbrZtGkClu47kk4A%3d>

Addison Phillips

Principal SDE, I18N Architect (Amazon)

Chair (W3C I18N WG)

Internationalization is not a feature.

It is an architecture.

From: Anthony Nadalin [mailto:tonynad@microsoft.com]
Sent: Tuesday, August 16, 2016 12:15 PM
To: public-web-perf@w3.org<mailto:public-web-perf@w3.org>; public-privacy@w3.org<mailto:public-privacy@w3.org>; www-international@w3.org<mailto:www-international@w3.org>; public-web-security@w3.org<mailto:public-web-security@w3.org>; www-tag@w3.org<mailto:www-tag@w3.org>; w3c-wai-ig@w3.org<mailto:w3c-wai-ig@w3.org>
Cc: public-webcrypto@w3.org<mailto:public-webcrypto@w3.org>; public-webappsec@w3.org<mailto:public-webappsec@w3.org>
Subject: WebAuthn API Specification Review

WebAuthn members and interested parties,

The WebAuthn WG recently published its FPWD and is aiming for CR in September and is asking for wide review of the specification.

This specification defines an API that enables web pages to access WebAuthn compliant strong cryptographic credentials through browser script.

http://www.w3.org/TR/2016/WD-webauthn-20160531/<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.w3.org%2fTR%2f2016%2fWD-webauthn-20160531%2f&data=01%7c01%7ctonynad%40microsoft.com%7c0d4f59e3b93f4bfae40408d3c60bd735%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=%2btjdR6US61QjE1N1U%2bbS%2fla5Y4kEEvtltehRrESBhP8%3d>

If you wish to make comments regarding this document, please send them to public-webauthn@w3.org<mailto:public-webappsec@w3.org> with [public-webauthn] at the start of your email's subject. All comments are welcome.

Further sharing of this call for wide review among other interested communities is encouraged.

Thank you,

Richard Barnes and Anthony Nadalin

Received on Wednesday, 17 August 2016 15:52:51 UTC