Sunday, 30 April 2017
Saturday, 29 April 2017
- [w3c/webauthn] ad8e59: Built by Travis-CI: b4009d4dbc3fa47aa588b11915af23...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 669221: Add a link to web-platform-tests to the top of the...
- [webauthn] new commits pushed by selfissued
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- [w3c/webauthn] f84ba9: Built by Travis-CI: f99d7181e7f56d371bcb506f48295b...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] f99d71: Throw NotFoundError when no authenticator is avail...
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Closed: [webauthn] Throw "NotFoundError" when internal authenticator is not available or not found
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Client arguments should be specified with "partial dictionary AuthenticationExtensions"
- Closed: [webauthn] Client arguments should be specified with "partial dictionary AuthenticationExtensions"
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] attObj and Figure 3 [[#fig-attStructs]] do not agree
- Re: [webauthn] 3rd approach: Add authenticator selection dictionary to create with attachment
- RE: Review PR 378, 428, 429
- Re: [webauthn] Throw NotFoundError when no authenticator is available
Friday, 28 April 2017
- RE: Review PR 378, 428, 429
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- Re: [webauthn] Some editing cleanup following cred man merge
- Re: [webauthn] Some editing cleanup following cred man merge
- Re: [webauthn] Some editing cleanup following cred man merge
- Re: [webauthn] Some editing cleanup following cred man merge
- Closed: [webauthn] Account information merge
- Re: [webauthn] Account information merge
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- [w3c/webauthn] c21268: more surgery hopefully improving #387
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] 883c6f: Built by Travis-CI: 6d873d597fae3a595039bdfb070e29...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 6d873d: Add displayName for the user account (#423)
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Rename ScopedCredential to PublicKeyCredential
Thursday, 27 April 2017
- [w3c/webauthn] 2c7ba2: Built by Travis-CI: 5dedfde4c1e8ea8dff382fbf958479...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 34e083: Correct omissions that failed to send authenticato...
- [webauthn] new commits pushed by selfissued
- Re: [webauthn] leverage "credential source" term from credential management spec
- Re: [webauthn] leverage "credential source" term from credential management spec
- [webauthn] leverage "credential source" term from credential management spec
- RE: PR #217 factored into 8 PRs, each with defined purpose and scope
- PR #217 factored into 8 PRs, each with defined purpose and scope
Wednesday, 26 April 2017
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- [w3c/webauthn] e1ffe6: surgery w/hammer, saw, torch on prior attempt to i...
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] address empty allowlist in 'use existing cred' alg, fixes #387
- [w3c/webauthn] 5535f4: incorp jyasskin suggestion. improves #387
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Add a link to web-platform-tests to the top of the spec
- Re: [webauthn] Send authenticator extension inputs to authenticators and send client extension outputs to RPs
- Re: [webauthn] Add a link to web-platform-tests to the top of the spec
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- [w3c/webauthn] 76a716: address empty allowlist in 'use existing cred' alg...
- [webauthn] new commits pushed by equalsJeffH
- correction to webauthn F2F Feb-2017 minutes
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
Tuesday, 25 April 2017
- Review PR 378:
- 04/26/2017 W3C Web Authentication WG Meeting Agenda
- [w3c/webauthn] 6f2f11: Renamed timeoutSeconds to timeoutMilliseconds as s...
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] 1fd6ae: repair fig 3 - fix #401
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] attObj and Figure 3 [[#fig-attStructs]] do not agree
- Re: [webauthn] authenticator taxonomy
- [w3c/webauthn] 91fe1a: Merged master
- [webauthn] new commits pushed by AngeloKai
- Re: [webauthn] Account information merge
- Re: [webauthn] Why was PR #409 (UV bit) merged?
Monday, 24 April 2017
- Re: [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Account information merge
- Re: [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Account information merge
- [w3c/webauthn] 37e612: Remove one line
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] a1e74d: Update according to comment
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] 93448b: Built by Travis-CI: 55cd330c436202a92c575d4b28db11...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Account information merge
- [webauthn] Why was PR #409 (UV bit) merged?
- Re: [webauthn] Account information merge
- [w3c/webauthn] 6f2f11: Renamed timeoutSeconds to timeoutMilliseconds as s...
- Re: [webauthn] Add User Verification (UV) bit to authenticator data
- [webauthn] new commits pushed by AngeloKai
- Re: [webauthn] Account information merge
- Re: [webauthn] Add User Verification (UV) bit to authenticator data
- Re: [webauthn] Account information merge
- Re: [webauthn] Add User Verification (UV) bit to authenticator data
- Re: [webauthn] rpID seems to have changed meaning a bit
- Re: [webauthn] Account information merge
- Re: [webauthn] rpID seems to have changed meaning a bit
- Re: [webauthn] RawId vs Id is confusing
Sunday, 23 April 2017
- [w3c/webauthn] 09c1ea: Built by Travis-CI: 333b8aad131f7f0d437e304eecfa12...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 333b8a: Fix issue #418 - What extension data is in Authent...
- [webauthn] new commits pushed by equalsJeffH
- Review of PR#350: Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Add User Verification (UV) bit to authenticator data
- Review of PR #409: Add User Verification (UV) bit to authenticator data
- Re: [webauthn] Add User Verification (UV) bit to authenticator data
- Review of PR #378 "Enable RP to choose authenticators based on key storage capability"
Saturday, 22 April 2017
- Re: [webauthn] authenticator taxonomy
- [webauthn] authenticator taxonomy
- Re: [webauthn] Account information merge
Friday, 21 April 2017
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- [w3c/webauthn] 8eb7b5: Separated proposed changes to extension semantics ...
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] a3bae0: Updated PR based on Jeffrey comment
- Re: [webauthn] attachment is only explicitly used in create()
- [webauthn] new commits pushed by AngeloKai
- [webauthn] attachment is only explicitly used in create()
- Closed: [webauthn] TAG review feedback: Align Credential interface with Credential Management?
- Re: [webauthn] UVM Extension Editorial Change
- Re: [webauthn] UVM Extension Editorial Change
- Re: [webauthn] Some editing cleanup following cred man merge
- Re: [webauthn] cleanup: attestation object `attObj` format not clearly delineated
- Re: [webauthn] What extension data is in AuthenticatorAssertionResponse.authenticatorData?
- Re: [webauthn] Define extension client processing more carefully.
- Closed: [webauthn] Define extension client processing more carefully.
- [webauthn] What extension data is in AuthenticatorAssertionResponse.authenticatorData?
- [webauthn] Correct uses of "JSON string" versus "DOMString" and other string terminology usage
- Re: [webauthn] Client arguments should be specified with "partial dictionary AuthenticationExtensions"
- Re: [webauthn] UVM Extension Editorial Change
- Re: [webauthn] Define extension client processing more carefully.
- Re: [webauthn] Client arguments should be specified with "partial dictionary AuthenticationExtensions"
- Re: [webauthn] "Authenticator argument" vs. "authenticator data value" in Extensions section
- Closed: [webauthn] "Authenticator argument" vs. "authenticator data value" in Extensions section
- Closed: [webauthn] refine extension terminology
- Re: [webauthn] refine extension terminology
- Re: [webauthn] Processing model for extensions is very underdefined
- Closed: [webauthn] Processing model for extensions is very underdefined
- Closed: [webauthn] UVM should be "method" rather than "mode" ?
- Re: [webauthn] UVM should be "method" rather than "mode" ?
- [w3c/webauthn] 371886: Built by Travis-CI: 8eb7b5c7323312a2f49bab4aec04c0...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Separated proposed changes to extension semantics from PR #386 and use TypeError, per @jyasskin
- [w3c/webauthn] 8eb7b5: Separated proposed changes to extension semantics ...
- [webauthn] new commits pushed by equalsJeffH
Thursday, 20 April 2017
- [webauthn] rpID seems to have changed meaning a bit
- Re: [webauthn] Account information merge
- Re: [webauthn] Some editing cleanup following cred man merge
- Re: [webauthn] What does store() do?
- Re: [webauthn] RawId vs Id is confusing
- [webauthn] What does store() do?
- Re: [webauthn] Account information merge
- [webauthn] Some editing cleanup following cred man merge
- [webauthn] Account information merge
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- [webauthn] RawId vs Id is confusing
- Re: [webauthn] UVM should be "method" rather than "mode" ?
- [webauthn] UVM should be "method" rather than "mode" ?
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- RE: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
Wednesday, 19 April 2017
- Re: [webauthn] Separated proposed changes to extension semantics from PR #386 and use TypeError, per @jyasskin
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- headzup: issues with travis-ci's bikeshed output?
- "priority:implementation" issues, and PRs left for WD-05
- PRs left for WD-05
- [w3c/webauthn] e5f424: Remove unnecessary blank
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] fba8ac: Remove unnecessary whitespace
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] 0154cb: replaced DAA root key by daaKeyId. Added proper r...
- [webauthn] new commits pushed by AngeloKai
- Re: [webauthn] Replace Authenticator Model with CTAP
- [w3c/webauthn] 2cccb3: Built by Travis-CI: 66c6224cbb287bd6cc4236c2e004dd...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] 3b5138: Tiny typo in 'ScopedCredentialDesciptor'.
- Closed: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- Re: [webauthn] "authentication" attribute on Navigator should be [SecureContext]
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- [webauthn] Replace Authenticator Model with CTAP
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- Re: [webauthn] Add Test of User Identity (TUI) bit to authenticator data
- [w3c/webauthn] d2ea8e: Merge PR 384 and remove RK bit
- [webauthn] new commits pushed by AngeloKai
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Extension language significantly clarified
Tuesday, 18 April 2017
- 04/19/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
Monday, 17 April 2017
Saturday, 15 April 2017
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] Rename ScopedCredential to PublicKeyCredential
Friday, 14 April 2017
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- [webauthn] Rename ScopedCredential to PublicKeyCredential
- [webauthn] adopt definition list markdown notation for <div dfn-type="foo" dfn-for="bar"> blocks
- Re: merge #397, #398, #399 ?
- Re: merge #397, #398, #399 ?
- [w3c/webauthn] e6608d: Built by Travis-CI: 275a5522be02b102a895964ee99692...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 5a0a88: Built by Travis-CI: c22e2ab8350c8ed2b94b9d158e2c0e...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 4fad3e: Convert `makeCredential()`'s parameters into a dic...
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] a9da99: Move `getAssertion()`'s `challenge` into `Assertio...
- [webauthn] new commits pushed by equalsJeffH
- Re: merge #397, #398, #399 ?
- Re: merge #397, #398, #399 ?
- [w3c/webauthn] 2d10a1: Introduce authenticator response interfaces.
- [webauthn] new commits pushed by equalsJeffH
- RE: merge #397, #398, #399 ?
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- merge #397, #398, #399 ?
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Minutes of past meetings
- Re: [webauthn] Convert `makeCredential()`'s parameters into a dictionary.
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: [webauthn] Introduce authenticator response interfaces.
- Re: [webauthn] Convert `makeCredential()`'s parameters into a dictionary.
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: [webauthn] Introduce authenticator response interfaces.
- Re: [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] Introduce authenticator response interfaces.
- [webauthn] explain challenge's security importance and use in both registration and authentication operations
- Re: [webauthn] some RPs may wish to allow multiple registrations to same user account
- [webauthn] some RPs may wish to allow multiple registrations to same user account
- Re: [webauthn] [PR 384] Does requireUserMediation() make sense after merge
- [webauthn] [PR 384] Does requireUserMediation() make sense after merge
- Re: [webauthn] How to unmarshal in TPM Structure.
- Closed: [webauthn] How to unmarshal in TPM Structure.
- Re: [webauthn] attObj and Figure 3 [[#fig-attStructs]] do not agree
- Re: [webauthn] Consider empty allowLists
- wrt PR #397 and #398
- Re: Unknowns of the WebAuthn + CredMan merge
- Re: [webauthn] Consider empty allowLists
- Re: Unknowns of the WebAuthn + CredMan merge
- Re: [webauthn] Consider empty allowLists
Thursday, 13 April 2017
- [webauthn] attObj and Figure 3 [[#fig-attStructs]] do not agree
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Unknowns of the WebAuthn + CredMan merge
- [webauthn] How to unmarshal in TPM Structure.
- Re: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- 04/14/2017 W3C Web Authentication WG Agenda
Wednesday, 12 April 2017
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: [webauthn] Introduce authenticator response interfaces.
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: [webauthn] Introduce authenticator response interfaces.
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: PR #384 CredMan Integration
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] Convert `makeCredential()`'s parameters into a dictionary.
- Re: [webauthn] Move `getAssertion()`'s `challenge` into `AssertionOptions`
- Re: [webauthn] Introduce authenticator response interfaces.
- RE: PR #384 CredMan Integration
- [webauthn] Filter makeCredential() by acceptable trust anchors
Tuesday, 11 April 2017
- 04/12/2017 W3C Web Authentication WG Meeting Agenda
- RE: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- RE: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- RE: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- RE: PR #384 CredMan Integration
- RE: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- RE: PR #384 CredMan Integration
- Re: PR #384 CredMan Integration
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: Benefits of exposing webauthn through navigator.credentials
- RE: PR #384 CredMan Integration
Monday, 10 April 2017
- Re: PR #384 CredMan Integration
- PR #384 CredMan Integration
- RE: Benefits of exposing webauthn through navigator.credentials
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: Benefits of exposing webauthn through navigator.credentials
Saturday, 8 April 2017
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: Dirk's presentation of the relationship between CredMan and WebAuthn
- Re: Dirk's presentation of the relationship between CredMan and WebAuthn
Friday, 7 April 2017
- Re: [webauthn] Processing model for extensions is very underdefined
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] cleanup: attestation object `attObj` format not clearly delineated
- review of PR #384 submitted
- [webauthn] cleanup: attestation object `attObj` format not clearly delineated
- Re: Benefits of exposing webauthn through navigator.credentials
- Re: [webauthn] do not totally lose the term "WebAuthn Relying Party"
- [webauthn] "credential ID" not signed over by authenticatorGetAssertion operation
- Re: [webauthn] normalize RFC2119 language
- Re: [webauthn] normalize RFC2119 language
Thursday, 6 April 2017
- [webauthn] rename "attestation data" to be "attested credential"
- Closed: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: Splitting "Credential Management"?
- [w3c/webauthn] 565096: corrected signing and verification procedure for U...
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] 3311f8: corrected image (DAA--> ECDAA etc.)
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Closed: [webauthn] Add cloud transport option to transport hint
- Re: [webauthn] Add cloud transport option to transport hint
Wednesday, 5 April 2017
- Re: [webauthn] Too generic names?
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Too generic names?
- Closed: [webauthn] What ensures any semblance of interop for WebAuthnExtensions?
- Re: [webauthn] What ensures any semblance of interop for WebAuthnExtensions?
- Re: [webauthn] follow Bluetooth and NFC brand usage guidance
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject]
- Re: [webauthn] Protect against TLS MiTM by including TLS cert chain in signature
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] AssertionOptions and ScopedCredentialOptions could both inherit from a dictionary which has their shared members
- Re: [webauthn] _rpId_ generation allows more relaxation of same-origin restrictions than document.domain does
- Re: [webauthn] Is _rpId_ supposed to look like an origin serialization, or like a hostname?
- Re: [webauthn] Setting _rpId_ to _callerOrigin_ doesn't make sense
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- Re: [webauthn] Consider using USVString instead of DOMString sometimes
- Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject]
- Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
- Closed: [webauthn] Add explanation of why the account argument is useful
- Re: [webauthn] Add explanation of why the account argument is useful
- Re: [webauthn] Internationalization self review
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] TAG review feedback: Align Credential interface with Credential Management?
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject]
- Benefits of exposing webauthn through navigator.credentials
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] "authentication" attribute on Navigator should be [SecureContext]
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] Eliminate duplicate terminology
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] Clarify how a user can authenticate from multiple devices
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] Protect against TLS MiTM by including TLS cert chain in signature
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: 04/05/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] Consider using USVString instead of DOMString sometimes
- Re: [webauthn] update extensions framework to include interfacing with user agent permissions framework
- Re: [webauthn] Consider using USVString instead of DOMString sometimes
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] Various attributes of ScopedCredentialInfo should probably be [SameObject]
- Re: [webauthn] What ensures any semblance of interop for WebAuthnExtensions?
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Add gesture verification parameter to option in both makeC and getA
- Re: [webauthn] Protect against TLS MiTM by including TLS cert chain in signature
- Re: [webauthn] Consider empty allowLists
- Re: [webauthn] makeCredential should be more precise than NotAllowedError in its last step
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] follow Bluetooth and NFC brand usage guidance
- Re: [webauthn] Specify the set of hash algorithms UAs can select between.
- Re: [webauthn] define what to do if both normalizedAlgorithm and cryptoParameters are empty
- Re: [webauthn] Eliminate duplicate terminology
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] Track rename issues to maintain consistency
- Re: [webauthn] References to "algorithm" and "alg" should be same string
- Re: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- Re: [webauthn] Client arguments should be specified with "partial dictionary AuthenticationExtensions"
- Re: [webauthn] Expose standard authenticator fields in JS objects, vs. binary
- Re: [webauthn] Add cloud transport option to transport hint
- Re: [webauthn] Too generic names?
- Re: [webauthn] "ScopedCred" enum should be "scoped-cred"
- Re: [webauthn] excludeList and allowList should be excludeCredentials and allowCredentials
- Re: [webauthn] hashAlg -> hashAlgorithm?
- Re: [webauthn] "rp" isn't a widely enough known acronym?, should be relyingParty instead?
- Closed: [webauthn] "rp" isn't a widely enough known acronym?, should be relyingParty instead?
- Re: [webauthn] tokenBinding member of ClientData should be tokenBindingID
- Re: [webauthn] Define what happens when the Document loses focus
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] Throw "NotFoundError" when internal authenticator is not available or not found
- Re: [webauthn] Update attestation format identifiers in registry to match spec
- Closed: [webauthn] Update attestation format identifiers in registry to match spec
- Re: [webauthn] Why are various predefined extensions defined as extensions, and not just parts of the spec?
- Closed: [webauthn] Why are various predefined extensions defined as extensions, and not just parts of the spec?
- Re: [webauthn] Why is the only value of ScopedCredentialType "ScopedCred" as opposed to "ScopedCredential"?
- Re: [webauthn] authenticatorCancel seems like it can cancel too much
- Re: [webauthn] AssertionOptions and ScopedCredentialOptions could both inherit from a dictionary which has their shared members
- Re: [webauthn] Setting _rpId_ to _callerOrigin_ doesn't make sense
- Re: [webauthn] "authentication" attribute on Navigator should be [SecureContext]
- Re: [webauthn] Should the "authentication" attribute on Navigator be [SameObject]?
- Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
Tuesday, 4 April 2017
- Re: [webauthn] Clarify what is a proprietary attestation format and whether it should be designated by a prefix
- Closed: [webauthn] Clarify what is a proprietary attestation format and whether it should be designated by a prefix
- Re: [webauthn] Add explanation of why the account argument is useful
- Re: [webauthn] Drop UAF references in favor of better explanation
- Re: [webauthn] Internationalization self review
- Re: [webauthn] do not totally lose the term "WebAuthn Relying Party"
- Re: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Re: [webauthn] DOMString[] should be FrozenArray<DOMString>
- Re: [webauthn] Clarify how a user can authenticate from multiple devices
- Re: [webauthn] refine extension terminology
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] web-api: is further language needed describing AppID (aka rpId) usage ?
- 04/05/2017 W3C Web Authentication WG Meeting Agenda
- [w3c/webauthn] 22913b: first draft of uaf attestation statement format
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] b1bd6c: first draft of new credential type ScopedCred_FIDO...
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] Eliminate duplicate terminology
- Re: [webauthn] normalizing term(s) for authenticator-generated RP-specific public key