=JeffH via GitHub
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 30 November)
- Re: [webauthn] Link to WebCrypto API is stale (Wednesday, 30 November)
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 30 November)
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 30 November)
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 30 November)
- Re: [webauthn] Clarify how a user can authenticate from multiple devices (Wednesday, 30 November)
- Closed: [webauthn] Scoped credentials represent a relationship between user and RP (Wednesday, 30 November)
- Re: [webauthn] Scoped credentials represent a relationship between user and RP (Wednesday, 30 November)
- Re: [webauthn] also cite the other extant TLS channel binding mechanisms? (Wednesday, 30 November)
- Closed: [webauthn] also cite the other extant TLS channel binding mechanisms? (Wednesday, 30 November)
- Re: [webauthn] Clarify uses of ClientData (Wednesday, 30 November)
- Re: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Wednesday, 30 November)
- Re: [webauthn] Why is the only value of ScopedCredentialType "ScopedCred" as opposed to "ScopedCredential"? (Wednesday, 9 November)
- Closed: [webauthn] Grammar of makeCredential/getAssertion step 1 is a bit odd (Wednesday, 9 November)
- Closed: [webauthn] "an Relying Party" should be "a Relying Party" (Wednesday, 9 November)
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 9 November)
- Re: [webauthn] Adds authenticator attachement to credential options (Wednesday, 9 November)
- Re: [webauthn] Spec should not mandate behavior of server (Wednesday, 9 November)
- [webauthn] new commits pushed by equalsJeffH (Wednesday, 9 November)
- Re: [webauthn] remove ScopedCredentialInfo.publicKey; use "credential public key" term consistently (Wednesday, 9 November)
- Re: [webauthn] remove ScopedCredentialInfo.publicKey; use "credential public key" term consistently (Tuesday, 8 November)
- [webauthn] new commits pushed by equalsJeffH (Tuesday, 8 November)
- [webauthn] new commits pushed by equalsJeffH (Tuesday, 8 November)
- [webauthn] new commits pushed by equalsJeffH (Tuesday, 8 November)
- Closed: [webauthn] "relaxing the same-origin restriction" (Monday, 7 November)
- Re: [webauthn] "relaxing the same-origin restriction" (Monday, 7 November)
- Closed: [webauthn] Clarify how AAGUID is generated to avoid collisions (Monday, 7 November)
- Re: [webauthn] Clarify how AAGUID is generated to avoid collisions (Monday, 7 November)
- Re: [webauthn] Why are various predefined extensions defined as extensions, and not just parts of the spec? (Monday, 7 November)
- Re: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Monday, 7 November)
- Re: [webauthn] Why are some of the attestation interfaces [SecureContext] while others are not? (Monday, 7 November)
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject] (Monday, 7 November)
- Re: [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async (Monday, 7 November)
- Re: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Monday, 7 November)
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified (Monday, 7 November)
- Re: [webauthn] When talking about "normalizing an algorithm", please just link to it (Monday, 7 November)
- Re: [webauthn] Link to WebCrypto API is stale (Monday, 7 November)
- Re: [webauthn] Need to clearly define what it means to SHA-256 hash the "host" output of the document.domain setter (Monday, 7 November)
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Monday, 7 November)
- Re: [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them (Sunday, 6 November)
- Re: [webauthn] "authentication" attribute on Navigator should be [SecureContext] (Sunday, 6 November)
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]? (Sunday, 6 November)
- Re: [webauthn] It would be nice if the definition of "Scoped Credential" said something about what `identifier` and `type` are (Sunday, 6 November)
- [webauthn] Refine meaning of ScopedCredentialType to be "signature & assertion format (and version thereof)" (Sunday, 6 November)
- Re: [webauthn] Enforce strict same-origin policy on rpId (Friday, 4 November)
- Re: [webauthn] remove ScopedCredentialInfo.publicKey; use "credential public key" term consistently (Friday, 4 November)
- Re: [webauthn] Enforce strict same-origin policy on rpId (Thursday, 3 November)
- Re: [webauthn] explicitly denote RSA signature scheme (Wednesday, 2 November)
- Re: [webauthn] explicitly denote RSA signature scheme (Wednesday, 2 November)
- Re: [webauthn] Add notion of internal/external to options (Wednesday, 2 November)
- Re: [webauthn] Add notion of internal/external to options (Wednesday, 2 November)
- Re: [webauthn] Enforce strict same-origin policy on rpId (Tuesday, 1 November)
aczeskis@google.com
Adam Powers
Adam Powers via GitHub
Alexei Czeskis via GitHub
- [webauthn] new commits pushed by leshi (Wednesday, 16 November)
- [webauthn] new commits pushed by leshi (Wednesday, 16 November)
- [webauthn] new commits pushed by leshi (Wednesday, 9 November)
- Re: [webauthn] Simplifying attestation, take two (Wednesday, 2 November)
- Re: [webauthn] Add notion of internal/external to options (Wednesday, 2 November)
- [webauthn] new commits pushed by leshi (Wednesday, 2 November)
- [webauthn] new commits pushed by leshi (Wednesday, 2 November)
- [webauthn] new commits pushed by leshi (Wednesday, 2 November)
- Re: [webauthn] Add notion of internal/external to options (Tuesday, 1 November)
Angelo Liao via GitHub
- Re: [webauthn] should authenticator layer send hashed or unhashed rpId to authenticators? (Saturday, 19 November)
- Re: [webauthn] Credential ID not signed (Friday, 18 November)
- Re: [webauthn] Clarify uses of ClientData (Friday, 18 November)
- Re: [webauthn] Move `allowList` from optional to default on `getAssertion` (Friday, 18 November)
- [webauthn] Throw "NotFoundError" when internal authenticator is not available or not found (Friday, 18 November)
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Friday, 18 November)
- Re: [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee (Wednesday, 16 November)
- Re: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Wednesday, 16 November)
- Re: [webauthn] Enforce strict same-origin policy on rpId (Tuesday, 15 November)
- [webauthn] remove id requirement in ScopedCredentialDescriptor (Wednesday, 2 November)
- [webauthn] Enforce strict same-origin policy on rpId (Tuesday, 1 November)
Anne van Kesteren via GitHub
Anthony Nadalin
bifurcation via GitHub
Boris Zbarsky via GitHub
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Friday, 18 November)
- Re: [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee (Wednesday, 16 November)
- Re: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Tuesday, 8 November)
- Re: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Monday, 7 November)
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject] (Monday, 7 November)
- Re: [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async (Monday, 7 November)
- Re: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Monday, 7 November)
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified (Monday, 7 November)
- Re: [webauthn] When talking about "normalizing an algorithm", please just link to it (Monday, 7 November)
- Re: [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them (Monday, 7 November)
- Re: [webauthn] "authentication" attribute on Navigator should be [SecureContext] (Monday, 7 November)
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Monday, 7 November)
- Re: [webauthn] Need to clearly define what it means to SHA-256 hash the "host" output of the document.domain setter (Monday, 7 November)
- [webauthn] Why are various predefined extensions defined as extensions, and not just parts of the spec? (Friday, 4 November)
- [webauthn] Authenticator selection extension needs to define snapshotting behavior (Friday, 4 November)
- [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global (Friday, 4 November)
- Re: [webauthn] What ensures any semblance of interop for WebAuthnExtensions? (Friday, 4 November)
- Re: [webauthn] What does "which has no other operations in progress" mean in practice? (Friday, 4 November)
- [webauthn] What does "which has no other operations in progress" mean in practice? (Friday, 4 November)
- [webauthn] Why is the only value of ScopedCredentialType "ScopedCred" as opposed to "ScopedCredential"? (Friday, 4 November)
- [webauthn] What ensures any semblance of interop for WebAuthnExtensions? (Friday, 4 November)
- [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Friday, 4 November)
- Re: [webauthn] Is there a reason "WebAuthnAssertion" is not "WebAuthenticationAssertion"? (Friday, 4 November)
- [webauthn] Is there a reason "WebAuthnAssertion" is not "WebAuthenticationAssertion"? (Friday, 4 November)
- [webauthn] Which of the attestation format interfaces are expected to be exposed in UAs? (Friday, 4 November)
- [webauthn] Why are some of the attestation interfaces [SecureContext] while others are not? (Friday, 4 November)
- [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject] (Friday, 4 November)
- [webauthn] Description of ScopedCredentialInfo.credential seems odd (Friday, 4 November)
- [webauthn] authenticatorCancel seems like it can cancel too much (Friday, 4 November)
- [webauthn] Creation of WebAuthnAssertion in getAssertion should probably be more explicit (Friday, 4 November)
- [webauthn] What does it mean to "get assertions" in getAssertion step 7? (Friday, 4 November)
- [webauthn] "might be present on this authenticator" could use a clearer definition (Friday, 4 November)
- Re: [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async (Friday, 4 November)
- Re: [webauthn] excludeList/allowList can be defaulted to a zero-length sequence in IDL instead of prose (Friday, 4 November)
- Re: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Friday, 4 November)
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential (Friday, 4 November)
- Re: [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee (Friday, 4 November)
- Re: [webauthn] Processing model for extensions is very underdefined (Friday, 4 November)
- Re: [webauthn] "If extensions was specified" should instead use the "present" terminology (Friday, 4 November)
- Re: [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them (Friday, 4 November)
- Re: [webauthn] Setting _rpId_ to _callerOrigin_ doesn't make sense (Friday, 4 November)
- Re: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel (Friday, 4 November)
- Re: [webauthn] Does "Then asynchronously continue executing the following steps" mean "in parallel"? (Friday, 4 November)
- [webauthn] getAssertion needs to not go async before making a copy of the assertionChallenge (Friday, 4 November)
- Re: [webauthn] Grammar of makeCredential step 1 is a bit odd (Friday, 4 November)
- [webauthn] AssertionOptions and ScopedCredentialOptions could both inherit from a dictionary which has their shared members (Friday, 4 November)
- [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit (Friday, 4 November)
- [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async (Friday, 4 November)
- [webauthn] "excludeList" should probably be "the excludeList member of _options_" in makeCredential (Friday, 4 November)
- [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Friday, 4 November)
- [webauthn] I don't understand how to create a ClientData in makeCredential (Friday, 4 November)
- [webauthn] Should attestationChallenge be snapshotted in makeCredential, or used before going async? (Friday, 4 November)
- [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee (Friday, 4 November)
- [webauthn] Processing model for extensions is very underdefined (Friday, 4 November)
- [webauthn] "If extensions was specified" should instead use the "present" terminology (Friday, 4 November)
- [webauthn] excludeList can be defaulted to a zero-length sequence in IDL instead of prose (Friday, 4 November)
- [webauthn] The concept "empty" is not really defined for IDL sequences (Friday, 4 November)
- [webauthn] What does "If normalizedAlgorithm is empty" mean? (Friday, 4 November)
- [webauthn] What does normalizedParameters actually contain in makeCredential? (Friday, 4 November)
- [webauthn] Exception handling in cryptoParameters processing needs to be clarified (Friday, 4 November)
- [webauthn] WebCryptoAPI's "normalizing an algorithm" cannot be done as part of async steps (Friday, 4 November)
- [webauthn] When talking about "normalizing an algorithm", please just link to it (Friday, 4 November)
- [webauthn] Link to WebCrypto API is stale (Friday, 4 November)
- [webauthn] _rpId_ generation allows more relaxation of same-origin restrictions than document.domain does (Friday, 4 November)
- [webauthn] Is _rpId_ supposed to look like an origin serialization, or like a hostname? (Friday, 4 November)
- [webauthn] Need to clearly define what it means to SHA-256 hash the "host" output of the document.domain setter (Friday, 4 November)
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Friday, 4 November)
- [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced (Friday, 4 November)
- [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them (Friday, 4 November)
- [webauthn] Setting _rpId_ to _callerOrigin_ doesn't make sense (Friday, 4 November)
- [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel (Friday, 4 November)
- [webauthn] Does "Then asynchronously continue executing the following steps" mean "in parallel"? (Friday, 4 November)
- [webauthn] Grammar of makeCredential step 1 is a bit odd (Friday, 4 November)
- [webauthn] "authentication" attribute on Navigator should be [SecureContext] (Friday, 4 November)
- [webauthn] Should the "authentication" attribute on Navigator be [SameObject]? (Friday, 4 November)
- [webauthn] It would be nice if the definition of "Scoped Credential" said something about what `identifier` and `type` are (Friday, 4 November)
- [webauthn] "an Relying Party" should be "a Relying Party" (Friday, 4 November)
GitHub
- [w3c/webauthn] 8fac8d: properly ref 'normalize an algorithm' fixes #262; ... (Wednesday, 30 November)
- [w3c/webauthn] 3f91a6: fixup sample-authn example step 9. fixes #234 (Wednesday, 30 November)
- [w3c/webauthn] 931199: add @bzbarsky to acks (Wednesday, 30 November)
- [w3c/webauthn] 2791e1: Built by Travis-CI: f891d0cb3a756d0cc4c97259301b62... (Wednesday, 30 November)
- [w3c/webauthn] (Wednesday, 30 November)
- [w3c/webauthn] ad12bd: remove ScopedCredentialInfo.publicKey; use credent... (Wednesday, 30 November)
- [w3c/webauthn] 5f9172: tag Navigator w/ <a> (Wednesday, 30 November)
- [w3c/webauthn] 0049e1: Built by Travis-CI: a5e28e82c5e37b21ed5f29c44ac4e5... (Tuesday, 22 November)
- [w3c/webauthn] a5e28e: point at github milestones (Tuesday, 22 November)
- [w3c/webauthn] 26f20b: put back vijay's suggestion that got dropped (Wednesday, 16 November)
- [w3c/webauthn] fb4f3e: Adds authenticator attachement to credential optio... (Wednesday, 16 November)
- [w3c/webauthn] f54fd0: Built by Travis-CI: 7c59dd38730d46db68d4a4fb1d48c9... (Wednesday, 9 November)
- [w3c/webauthn] (Wednesday, 9 November)
- [w3c/webauthn] 5f9172: tag Navigator w/ <a> (Wednesday, 9 November)
- [w3c/webauthn] (Wednesday, 9 November)
- [w3c/webauthn] 2d6a7a: Adding fido appid extension (#229) (Wednesday, 9 November)
- [w3c/webauthn] 0281c7: use Vijay's examples (Wednesday, 9 November)
- [w3c/webauthn] 5f9172: tag Navigator w/ <a> (Wednesday, 9 November)
- [w3c/webauthn] 92fe6c: fix not-properly-closed <div> (Tuesday, 8 November)
- [w3c/webauthn] 2f723d: Jeffh editorial cleanups 2 (#236) (Tuesday, 8 November)
- [w3c/webauthn] 276018: attestation statement definition (Tuesday, 8 November)
- [w3c/webauthn] 5a2dc5: section verification of WebAuthnAssertion added. S... (Friday, 4 November)
- [w3c/webauthn] d1f5af: address vijay's comments (Wednesday, 2 November)
- [w3c/webauthn] 558837: Adds authenticator attachement to credential optio... (Wednesday, 2 November)
- [w3c/webauthn] 700775: typo fix (Wednesday, 2 November)
- [w3c/webauthn] 2ca56e: addressing comments from issue peanut gallery :) (Wednesday, 2 November)
gmandyam via GitHub
Hodges, Jeff
J.C. Jones via GitHub
jeisinger via GitHub
Richard Barnes
Rolf Lindemann via GitHub
Samuel Weiler
samweiler via GitHub
Vijay Bharadwaj
Vijay Bharadwaj via GitHub
- Re: [webauthn] Clarify uses of ClientData (Wednesday, 30 November)
- [webauthn] Move {#sample-scenarios} (currently Section 10) to the top of the doc (Wednesday, 9 November)
- [webauthn] Update attestation format identifiers in registry to match spec (Wednesday, 9 November)
- Re: [webauthn] Jeffh editorial cleanups 3 (Wednesday, 9 November)
- Re: [webauthn] Moving callers from U2F to WebAuthn (Wednesday, 9 November)
- Closed: [webauthn] Moving callers from U2F to WebAuthn (Wednesday, 9 November)
- [webauthn] new commits pushed by vijaybh (Wednesday, 9 November)
- [webauthn] Timeouts should be in ms not seconds (Wednesday, 9 November)
- [webauthn] Do we need "Algorithm Usage Location(s)" and "JOSE Implementation Requirements" in the IANA Considerations section? (Tuesday, 8 November)
- Re: [webauthn] section verification of WebAuthnAssertion added. See #102 (Tuesday, 8 November)
- Re: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly (Tuesday, 8 November)
- Re: [webauthn] Why are some of the attestation interfaces [SecureContext] while others are not? (Monday, 7 November)
- Re: [webauthn] Which of the attestation format interfaces are expected to be exposed in UAs? (Monday, 7 November)
- Re: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object? (Monday, 7 November)
- [webauthn] Simplifying attestation, take two (Wednesday, 2 November)
- Re: [webauthn] explicitly denote RSA signature scheme (Wednesday, 2 November)
- Re: [webauthn] certifyinfo needs to be specified (Wednesday, 2 November)
- Re: [webauthn] remove ScopedCredentialInfo.publicKey; use "credential public key" term consistently (Wednesday, 2 November)
- Re: [webauthn] Adding u2f appid extension (Wednesday, 2 November)
- Re: [webauthn] Add notion of internal/external to options (Tuesday, 1 November)
WebAuthnBot via GitHub
Last message date: Wednesday, 30 November 2016 23:54:42 UTC