RE: PR #384 CredMan Integration

I would love to make the world a better place better.

In my mind, the merge has 3 parts:

  1.  Align namespaces between WebAuthn and Credential Management
  2.  Align the API calling patterns (dictionaries instead of explicitly enumerated arguments)
  3.  Align the method names (get, create, store)

Of these I think #1 and #2 are the must-haves, and #3 is something that I personally would not be upset to postpone to a v2. This allows us to focus on syntactic questions for now and avoid the more contentious questions around method naming which often become about semantics. From a practical perspective, renaming methods is also fairly easy to do later.

So I like this proposal since it attempts something like the above.

@Mike West – what is your opinion?

From: Alexei Czeskis [mailto:aczeskis@google.com]
Sent: Tuesday, April 11, 2017 9:05 AM
To: Anthony Nadalin <tonynad@microsoft.com>
Cc: Hodges, Jeff <jeff.hodges@paypal.com>; public-webauthn@w3.org
Subject: Re: PR #384 CredMan Integration

Dear list,

I'm all for getting the spec done fast, for getting implementations out fast, and for making the world a better place faster.  If we want to speed things up, I'm not convinced that the PR as it is right now is the right move.  I'm not simply arguing for making fast progress and accepting a messy API landscape in return.  I'm arguing for not venturing into the unknown to find the perfect -- in effect passing on the known-good.

I believe that in its current form, the merge will cause questions that will take a while to iron out.  I would suggest an alternate approach: hold off on the merge until the proposal does not have as many unknowns.  Maybe that means waiting until version 2.  It's true that at that point we'll have gone down different roads with credman and merging might be harder, but surely worse things have happened.

In my opinion, the big reason to be hesitant about this merge is that it takes us down the path of one single .makeAuthFactor() and one single .getAuthFactor() methods.  Where .makeAuthFactor() can result in a username/password, password, oauth token, url of oauth provider, a public key of one kind or another.  I'm not convinced that that's the right big picture approach.  Maybe it is, maybe it isn't -- but going down that path opens up A LOT of questions, not just about the specs, but about UI/UX as well.  For example, for usernames and passwords -- the browser manages identities and shows the UX for selection.  For authenticators such as phones, the phone does.  I'm not sure what the right way to show UX is there.  Maybe it's not a problem for Edge that might just call Hello, but I'm not sure what cross-operating-system browsers such as FF and Chrome would do.  Or for example, consider during the create account phase when acme.com tells the browser that it'll accept a username/password/oauth token from Google or Facebook or an Authenticator -- what does the browser draw then?  How does the user choose?  We haven't figured out what it means to not require user mediation for webauthn, because there are lots of details.  The relationship between user accounts and passwords is 1:1 -- but that's not the case for users and authenticators.

I can keep going, but the point is that there are questions here -- lots of them.  It will take a while to iron them out, to play with implementations, to iterate, to refactor, to make a UX that users understand.  On the other hand, we pretty much know how to build webauthn in its current form.  It's self-contained and doesn't depend on any outsides specs.  If I understand the proposed merge correctly, it also requires that the credential management API be changed.  So now, before any webauthn api can be put out, the credential management API must be refactored and only then can webauthn be developed.  Also, let's not forget that there are websites that depend on the current credential management API.

Perhaps my English is a bit Russian, but this email is meant not as a "whimper", but as a well-laid-out, technically-sound argument, worthy of your serious consideration.  I look forward to your comments and feedback!


The PR is not the only possible credman merge proposal.  Here is another (if you don't like this one, we've got another):


interface Credential {
 readonly attribute USVString id;
 readonly attribute DOMString type;
};

----------------------------------------------------

interface BearerCredential : Credential {
 readonly attribute USVString name;
 readonly attribute USVString iconURL;
};

interface PasswordCredential : BearerCredential {
 attribute USVString idName;
 attribute USVString passwordName;

 attribute CredentialBodyType? additionalData;
};

// similar for FederatedCredential

--------------------------------------------

interface PublicKeyCredential : Credential {
  readonly attribute object publicKey;
};


interface AuthenticatorResponse {
 readonly attribute PublicKeyCredential credential;
 readonly attribute ArrayBuffer clientDataJSON;
};


// note that this is just a renamed ScopedCredentialInfo,
// with the addition of a public key, id, and type in it (as part of the
// credential attribute)
interface MakeCredentialResponse : AuthenticatorResponse {
 readonly attribute ArrayBuffer attestationObject;
};

// note that this is just a renamed AuthenticationAssertion
interface AssertionResponse : AuthenticatorResponse {
 readonly attribute ArrayBuffer authenticatorData;
 readonly attribute ArrayBuffer signature;
};

-------------------------------------------

partial interface Navigator {
 readonly attribute CredentialsContainer credentials;
};

interface CredentialsContainer {
 readonly attribute BearerCredentials bearer;
 readonly attribute PublicKeyCredentials publicKey;
};

interface BearerCredentials {
 Promise<BearerCredential?> get(CredentialRequestOptions options);
 Promise<BearerCredential>  store(BearerCredential credential);
 Promise<void> requireUserMediation();
};

// continue here as in existing CredMan API

------------------------------------------------------------


interface PublicKeyCredentials {
   Promise<MakeCredentialResponse> makeCredential(
                          RelyingPartyUserInfo                 accountInformation,
                          sequence<ScopedCredentialParameters> cryptoParameters,
                          BufferSource                         attestationChallenge,
                          optional ScopedCredentialOptions     options
   );


   Promise<AssertionResponse> getAssertion(
                          BufferSource               assertionChallenge,
                          optional AssertionOptions  options
   );
};


// continue here as in existing Webauthn API
// (note that the naming here treats the key pair as *the credential*, and the thing
// that is sent over the wire is something else - an authenticator response, etc.)

--------------------------------------------------------

// Example:  generating and registering a new key follows


var webauthnAPI = navigator.credentials.publicKey;

if (!webauthnAPI) { /* Platform not capable. Handle error. */ }

var userAccountInformation = {
   rpDisplayName: "Acme",
   displayName: "John P. Smith",
   name: "johnpsmith@example.com",
   id: "1098237235409872",
   imageURL: "https://pics.acme.com/00/p/aBjjjpqPb.png"
};

// This Relying Party will accept either an ES256 or RS256 credential, but
// prefers an ES256 credential.
var cryptoParams = [
   {
       type: "publicKey",
       algorithm: "ES256"
   },
   {
       type: "publicKey",
       algorithm: "RS256"
   }
];

var challenge = new TextEncoder().encode("climb a mountain");
var options = { timeout: 60000,  // 1 minute
               excludeList: [],      // No excludeList
               extensions: {"webauthn.location": true}  // Include location
                                                        // information in attestation
};

// Note: The following call will cause the authenticator to display UI.
webauthnAPI.makeCredential(userAccountInformation, cryptoParams,
                          challenge, options)
    .then(function (makeCredentialResponse) {
   // Send make credential response to server for verification and registration.
}).catch(function (err) {
   // No acceptable authenticator or user refused consent. Handle appropriately.
});


--------------------------------------------------------


// Example:  authentication without hints


var webauthnAPI = navigator.credentials.publicKey;

if (!webauthnAPI) { /* Platform not capable. Handle error. */ }

var challenge = new TextEncoder().encode("climb a mountain");
var options = {
               timeout: 60000,  // 1 minute
               allowList: [{ type: "publicKey" }]
             };

webauthnAPI.getAssertion(challenge, options).then(function (assertionResponse) {
   // Send assertion response to server for verification
}).catch(function (err) {
   // No acceptable credential or user refused consent. Handle appropriately.
});


--------------------------------------------------------


// Example:  authentication with hints


var webauthnAPI = navigator.credentials.publicKey;

if (!webauthnAPI) { /* Platform not capable. Handle error. */ }


var encoder = new TextEncoder();
var challenge = encoder.encode("climb a mountain");
var acceptableCredential1 = {
   type: "publicKey",
   id: encoder.encode("!!!!!!!hi there!!!!!!!\n")
};
var acceptableCredential2 = {
   type: "publicKey",
   id: encoder.encode("roses are red, violets are blue\n")
};

var options = {
               timeout: 60000,  // 1 minute
               allowList: [acceptableCredential1, acceptableCredential2],
               extensions: { 'webauthn.txauth.simple':
                  "Wave your hands in the air like you just don't care" }
             };

webauthnAPI.getAssertion(challenge, options)
   .then(function (assertion) {
   // Send assertion response to server for verification
}).catch(function (err) {
   // No acceptable credential or user refused consent. Handle appropriately.
});

--------------------------------------------------------

Advantages of this Proposal

  *   Fewer changes to CredMan & WebAuthn specs
  *   No need to have a no-op store() operation for PublicKeyCredentials
  *   No need to reconcile the two notions of user mediation. Credentials.bearer uses the requireUserMediation operation, whereas credentials.publicKey uses a parameter in the ScopedCredentialOptions
  *   The only thing a reader of the webauthn spec has to understand about the CredMan spec is the (very simple) Credential interface.
  *   New methods like cancel() and promoteAuthenticatorIfAvailable() can easily be added to credentials.publicKey without having to worry how they interact with other credential types.



Thanks!
-Alexei


________________

 . Alexei Czeskis .:. Securineer .:. 317.698.4740 .

On Mon, Apr 10, 2017 at 7:14 PM, Anthony Nadalin <tonynad@microsoft.com> wrote:
Too nice; need to raise a formal objection, not whimpers, as I can't read between the lines

-----Original Message-----
From: Hodges, Jeff [mailto:jeff.hodges@paypal.com]
Sent: Monday, April 10, 2017 4:18 PM
To: public-webauthn@w3.org
Subject: Re: PR #384 CredMan Integration

On 4/10/17, 2:29 PM, "Anthony Nadalin" <tonynad@microsoft.com> wrote:

> So based upon the discussions that have been going on there seems to
> be some issues raised on what happens when we merge. I have not heard
> any real outright objections to the merge,

Dirk made such an outright objection -- but perhaps he said it too nicely [0]:

  ..I'm arguing against accepting https://github.com/w3c/webauthn/pull/384 as
  is, because I believe it will create a lot of future work for us that will
  slow us down.

> so in favor of progress I suggest we accept #384 and deal with the
> questions as they come up with Mike West, as we seem to be just going
> around and around w/o making a decision.

A more productive approach may be to consider our options in light of the desire to have an implementable and nominally usable draft webauthn level 1 API in the near term.

To me the decision context appears to be:

  What's more important,

    (1) near-term implementable & adoptable/deployable webauthn draft with or
        without credman incorporation, or,

    (2) adding credman dependency now (because it seems we will do it at some
        point regardless), i.e., merge PR#384 as-is, and hope the resultant
        fixing/polishing does not take "too long" ?

Tony is suggesting (2).

In [0] Dirk is arguing that (2) will result in taking "too long", and implies we should do option B plus some renaming.

Though, an option (3) is that we could think things through more thoroughly, convince ourselves option C (below) is the correct thing to do in light of the other below options, and if it is, revise the PR#384 appropriately, then merge. One could argue this will take less time than just merging #384 as-is.

@mikewest replied to Dirk's points in detail in [3], so we've embarked on option (3) if we hold off on merging. This is what I'd vote for.

HTH,

=JeffH


details:

Again, the webauthn||credman options [1][2] are:

A. Just Rename (slides 8, 9)
(as noted in the F2F minutes, this is to just "'rename' scopedCredential" such that webauthn (WA) does not use the term 'credential' in its API)

B. Join credman class hierarchy, keep webauthn methods  (slides 10..14)

C. Join credman (CM) class hierarchy, use CM methods (slides 15..18)

Plus, there is also the status-quo:

D.  Leave credman and webauthn entirely separate for their "level 1" (ie initial version) incarnations (leaves door open to address some sort of merger in level 2 incarnations).

[0] https://lists.w3.org/Archives/Public/public-webauthn/2017Apr/0138.html


[1] WebAuthn vs Credential Management (@balfanz) <https://docs.google.com/presentation/d/1RyfQS3f-Dk7xU8S6pCSBzWl3jGGGrkF1zWkUypVUnik>

[2] https://github.com/w3c/webauthn/pull/384#issuecomment-292734633


[3] https://lists.w3.org/Archives/Public/public-webauthn/2017Apr/0147.html

Received on Tuesday, 11 April 2017 16:28:53 UTC