- From: Tim Cappalli <notifications@github.com>
- Date: Tue, 29 Apr 2025 10:53:36 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/1085@github.com>
timcappalli created an issue (w3ctag/design-reviews#1085)
こんにちは TAG-さん!
I'm requesting a TAG review of Web Authentication (WebAuthn) Level 3.
L3 contains many features. I've created a table with all of the required information.
General / common information:
- Specification: https://w3c.github.io/webauthn/
- GitHub repo: https://github.com/w3c/webauthn
- Primary contacts:
- Tim Cappalli (@timcappalli), Okta, Editor
- Emil Lundberg (@emlun), Yubico, Editor
- Matthew Miller (@MasterKale), Cisco, Editor
- Tony Nadalin (@nadalin), Independent, Chair
- Simone Onofri (@simoneonofri), W3C
| FEATURE NAME | EXPLAINER | SPEC LINK | EXISTING TAG REVIEWS | WPT TESTS | MULTI-STAKEHOLDER | ENGINE ISSUES | OTHER LINKS |
|--------------------------------|------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
| Related Origin Requests | https://github.com/w3c/webauthn/wiki/Explainer:-Related-origin-requests | https://www.w3.org/TR/webauthn-3/#sctn-related-origins | - | n/a | https://developer.apple.com/documentation/safari-release-notes/safari-18-release-notes | https://chromestatus.com/feature/4635336177352704 | https://github.com/w3c/webauthn/wiki/Security-&-Privacy-Self%E2%80%90Review:-Related-Origin-Requests |
| Conditional Create | https://github.com/w3c/webauthn/wiki/Explainer:-Conditional-Create | https://www.w3.org/TR/webauthn-3/#sctn-createCredential | - | https://wpt.fyi/results/webauthn/conditional-mediation.https.html | https://developer.apple.com/documentation/safari-release-notes/safari-18-release-notes | https://chromestatus.com/feature/5135710007590912 | |
| Conditional Get | https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI | https://www.w3.org/TR/webauthn-3/#sctn-discover-from-external-source | https://github.com/w3ctag/design-reviews/issues/692 | https://wpt.fyi/results/webauthn/conditional-mediation.https.html | https://github.com/mozilla/standards-positions/issues/692 | https://chromestatus.com/feature/5026422640869376 | https://github.com/w3c/webappsec-credential-management/wiki/Conditional-mediation-TAG-security-&-privacy-questionnaire |
| JSON (De)serialization methods | https://github.com/w3c/webauthn/wiki/Explainer:-JSON-Serialization-Methods | https://www.w3.org/TR/webauthn-3/#sctn-parseCreationOptionsFromJSON https://www.w3.org/TR/webauthn-3/#sctn-parseRequestOptionsFromJSON https://www.w3.org/TR/webauthn-3/#typedefdef-publickeycredentialjson | - | https://wpt.fyi/results/webauthn/public-key-credential-request-options-from-json.https.window.html https://wpt.fyi/results/webauthn/public-key-credential-creation-options-from-json.https.window.html https://wpt.fyi/results/webauthn/public-key-credential-to-json.https.window.html | https://github.com/WebKit/standards-positions/issues/373 | https://bugs.chromium.org/p/chromium/issues/detail?id=1401128 https://bugzilla.mozilla.org/show_bug.cgi?id=1823782 https://bugs.webkit.org/show_bug.cgi?id=256856 | n/a |
| Create in cross-origin iframe | https://github.com/w3c/webauthn/wiki/Explainer:-Cross%E2%80%90Origin-Credential-Creation | https://www.w3.org/TR/webauthn-3/#sctn-iframe-guidance | - | https://wpt.fyi/results/webauthn/createcredential-cross-origin-iframe.https.sub.html?label=experimental&label=master&aligned | https://github.com/mozilla/standards-positions/issues/964 | https://chromestatus.com/feature/5736091539734528 | |
| Signal API | https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Signal-API-explainer | https://www.w3.org/TR/webauthn-3/#sctn-signal-methods | https://github.com/w3ctag/design-reviews/issues/996 | https://wpt.fyi/results/webauthn/signal-all-accepted-credentials.https.html https://wpt.fyi/results/webauthn/signal-current-user-details.https.html https://wpt.fyi/results/webauthn/signal-unknown-credential.https.html | https://webkit.org/standards-positions/#position-400 https://github.com/mozilla/standards-positions/issues/1075 | https://chromestatus.com/feature/5101778518147072 | https://github.com/w3c/webauthn/wiki/Security-&-privacy-self-review:-PublicKeyCredential-signal-methods |
| Get Client Capabilities | https://github.com/w3c/webauthn/wiki/Explainer:-Get-Client-Capabilities | https://www.w3.org/TR/webauthn-3/#sctn-getClientCapabilities | - | https://wpt.fyi/results/webauthn/getclientcapabilities.https.html | https://developer.apple.com/documentation/safari-release-notes/safari-17_4-release-notes#WebAuthn | https://chromestatus.com/feature/5128205875544064 | |
| PRF Extension | https://github.com/w3c/webauthn/wiki/Explainer:-PRF-extension | https://www.w3.org/TR/webauthn-3/#prf-extension | https://github.com/w3ctag/design-reviews/issues/806 | https://wpt.fyi/results/webauthn/getcredential-prf.https.html https://wpt.fyi/results/webauthn/createcredential-prf.https.html | https://github.com/mozilla/standards-positions/issues/798 | https://chromestatus.com/feature/5138422207348736 | https://github.com/w3ctag/design-reviews/issues/806 |
| Client Hints | https://github.com/w3c/webauthn/wiki/Explainer:-Client-Hints | https://www.w3.org/TR/webauthn-3/#enum-hints | - | https://wpt.fyi/results/webauthn/createcredential-hints.https.html | | https://chromestatus.com/feature/5145737733341184 | https://github.com/w3c/webauthn/wiki/Security-&-Privacy-Self%E2%80%90Review:-Client-Hints |
Further details:
- [X] I have reviewed the TAG's [Web Platform Design Principles](https://www.w3.org/TR/design-principles/)
--
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1085
You are receiving this because you are subscribed to this thread.
Message ID: <w3ctag/design-reviews/issues/1085@github.com>
Received on Tuesday, 29 April 2025 17:53:40 UTC