Thursday, 31 August 2017
- Re: [webauthn] Include Constants for COSE Algorithm Numbers
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] Must returned extensions be mathematically proper subsets of requested extensions?
- [webauthn] Must returned extensions be mathematically proper subsets of requested extensions?
- Re: [webauthn] Consider requiring canonical CBOR throughout
- Re: [webauthn] Sign counter alg 507
- Re: [webauthn] Consider requiring canonical CBOR throughout
- submitted review of PR #539 "Sign counter alg 507"
Wednesday, 30 August 2017
- Re: [webauthn] Sign counter alg 507
- Re: [webauthn] Sign counter alg 507
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] Make create() and get() abortable
- [webauthn] change "credential public key" to "user public key"
- Re: [webauthn] Internationalization self review
- Re: [webauthn] Sign counter alg 507
- Re: [webauthn] Internationalization self review
- Re: [webauthn] Consider requiring canonical CBOR throughout
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] further details for authenticatorCancel operation
- Re: [webauthn] Internationalization self review
- Re: [webauthn] Should the "name" field in PublicKeyCredentialEntity be marked required?
- Closed: [webauthn] Should the "name" field in PublicKeyCredentialEntity be marked required?
- [w3c/webauthn] 8c2bfd: add explanation: where does signature come from
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] 12c2d9: explanation added: why should you compare signatur...
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] Sign counter alg 507
- Re: [webauthn] Consider allowing authenticators to randomise signed hashes.
- Re: [webauthn] Consider requiring canonical CBOR throughout
- Re: [webauthn] Consider requiring canonical CBOR throughout
- Re: [webauthn] Sign counter alg 507
- 08/30/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] Sign counter alg 507
Tuesday, 29 August 2017
- Re: [webauthn] Consider requiring canonical CBOR throughout
- Re: [webauthn] Consider requiring canonical CBOR throughout
- [w3c/webauthn] 9bcb9c: added RP processing rule for signature counter
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] impl guidelines for signature counter
- Re: [webauthn] Consider allowing authenticators to randomise signed hashes.
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- [w3c/webauthn] 6b3653: ...
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] 95546f: more description added
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] e8f141: added description for U2F attestation format
- [webauthn] new commits pushed by rlin1
Monday, 28 August 2017
- Re: [webauthn] Should the "name" field in PublicKeyCredentialEntity be marked required?
- Re: [webauthn] Should the "name" field in PublicKeyCredentialEntity be marked required?
- [w3c/webauthn]
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- [webauthn] new commits pushed by rlin1
- [w3c/webauthn] 3dc51c: explicitly level 1, fixes #475
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] Authnr sel aaguidlist
- [webauthn] Should the "name" field in PublicKeyCredentialEntity be marked required?
Friday, 25 August 2017
- Re: [webauthn] fixup algs contd 3
- [w3c/webauthn] 5fb2f8: convert switch steps to colon-denotation
- [webauthn] new commits pushed by equalsJeffH
Wednesday, 23 August 2017
- Re: [webauthn] leverage "credential source" term from credential management spec
- Re: [webauthn] Eliminate duplicate terminology
- Re: [webauthn] undefined terms
- Re: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Closed: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Re: [webauthn] Consider using USVString instead of DOMString sometimes
- Re: [webauthn] Clarify meaning of UVI
- Closed: [webauthn] Clarify meaning of UVI
- Re: [webauthn] update extensions framework to include interfacing with user agent permissions framework
- Closed: [webauthn] update extensions framework to include interfacing with user agent permissions framework
- Re: [webauthn] further details for authenticatorCancel operation
- Re: [webauthn] New research suggest using ED512 instead of ED256.
- Re: [webauthn] Privacy across OS accounts
- Re: [webauthn] Authenticator Selection Extension - Client Processing - Clarification
- Closed: [webauthn] Authenticator Selection Extension - Client Processing - Clarification
- Re: [webauthn] adopt consistent terms for RP server-side and client-side components
- Re: [webauthn] normalizing term(s) for authenticator-generated RP-specific public key
- Closed: [webauthn] normalizing term(s) for authenticator-generated RP-specific public key
- Re: [webauthn] #createCredential step 12 incorrectly refers to a timer
- Re: [webauthn] Not necessary to pass AuthenticatorSelectionCriteria members to authenticatorMakeCredential()
- Re: [webauthn] What does "which has no other operations in progress" mean in practice?
- Re: [webauthn] What does "which has no other operations in progress" mean in practice?
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with AAGUID
- wrt WD-07 Open PR #498
Tuesday, 22 August 2017
- 08/23/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] Make create() and get() abortable
Monday, 21 August 2017
Wednesday, 16 August 2017
Friday, 18 August 2017
- [w3c/webauthn] 73d446: nomalizedAlgorithm->credTypesAndPubKeyAlgs; fixup ...
- [webauthn] parameter lists in #createCredential and #op-make-cred do not match
Thursday, 17 August 2017
- Re: WD-06 is now published
- [w3c/webauthn]
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] #createCredential step 12 incorrectly refers to a timer
- So-so quality of random FIDO devices
- Re: [webauthn] undefined terms
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with AAGUID
Wednesday, 16 August 2017
- Re: [webauthn] adopt consistent terms for RP server-side and client-side components
- Re: [webauthn] adopt consistent terms for RP server-side and client-side components
- Re: [webauthn] normalizing term(s) for authenticator-generated RP-specific public key
- Re: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
- Re: [webauthn] impl guidelines for signature counter
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- Closed: [webauthn] Enable web developers to migrate keys from one domain to another
- Re: [webauthn] Enable web developers to migrate keys from one domain to another
- Re: [webauthn] What does "which has no other operations in progress" mean in practice?
- Re: [webauthn] rename "attestation data" to be "attested credential"
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- Re: [webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with Counter
- Re: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- 08/16/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] Attestation Data defines ECC key X, Y parameters two ways
- Closed: [webauthn] Attestation Data defines ECC key X, Y parameters two ways
- Re: [webauthn] Attestation Data defines ECC key X, Y parameters two ways
- Closed: [webauthn] Pre-Registration Discovery
- Re: [webauthn] Pre-Registration Discovery
Tuesday, 15 August 2017
- Re: editorial nit wrt publishing working draft
- Closed: [webauthn] Update README.md to include more specific instructions for spec submission
- Re: [webauthn] Update README.md to include more specific instructions for spec submission
- Re: editorial nit wrt publishing working draft
Monday, 14 August 2017
Friday, 11 August 2017
- [w3c/webauthn] 942026: Built by Travis-CI: 5e0dbe0dafe9e36912bf2a32c5d575...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 776a5f: Update README.md
- [webauthn] new commits pushed by AngeloKai
- Re: WD-06 is now published
- WD-06 is now published
- [w3c/webauthn] 36a0fe: Built by Travis-CI: 598ac413cb9df11f971d62d8d27c4c...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 0683ef: add WD06
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] b199b1: Built by Travis-CI: 546b0441d7ee873c2f598643375779...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by AngeloKai
- [w3c/webauthn] 080eff: add WD06 publish dir
Thursday, 10 August 2017
- Re: [webauthn] update extensions framework to include interfacing with user agent permissions framework
- Re: [webauthn] do not totally lose the term "WebAuthn Relying Party"
- Re: [webauthn] clarify normality of authenticator model - is it actually authenticator API ?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: Questions over Firefox's implementation
Wednesday, 9 August 2017
- All WD-06 issues and PRs are once again closed
- [w3c/webauthn] 5c325a: Built by Travis-CI: 8bf3b7e7cb803e459da9dfd239e688...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 8bf3b7: Fixed the example and other points listed in isPla...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] c6e1c9: Built by Travis-CI: 1c824c902e1236c2a900452a5080ee...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Conflicting definition of AlgorithmIdentifier
- Closed: [webauthn] Conflicting definition of AlgorithmIdentifier
- [w3c/webauthn] 1c824c: Renamed AlgorithmIdentifier to COSEAlgorithmIdenti...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] ab2bb0: Built by Travis-CI: 4902a80ea3ef8e00db8aeaaf665a62...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 4902a8: Register COSE Algorithm numbers for RSASSA-PKCS1-v...
- [webauthn] new commits pushed by selfissued
- Re: [webauthn] Enable web developers to migrate keys from one domain to another
- Re: [webauthn] Make U2F Attestation Format "sig" more precise
- [webauthn] Make U2F Attestation Format "sig" more precise
- Re: [webauthn] Enable web developers to migrate keys from one domain to another
- Re: [webauthn] Enable web developers to migrate keys from one domain to another
- Re: [webauthn] Conflicting definition of AlgorithmIdentifier
- [webauthn] Include Constants for COSE Algorithm Numbers
- Closed: [webauthn] revise approach of isPlatformAuthenticatorAvailable()
- Re: [webauthn] revise approach of isPlatformAuthenticatorAvailable()
- Re: [webauthn] revision and polishing of the merged isPlatformAuthenticatorAvailable PR #379
- Re: [webauthn] Fixed the example and other points listed in isPlatformAuthenticatorReady comment
- Re: New concall coordinates
- RE: New concall coordinates
- [w3c/webauthn] cc8550: revision and polishing of the merged isPlatformAut...
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] revise approach of isPlatformAuthenticatorAvailable()
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- RE: Questions over Firefox's implementation
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- Re: Questions over Firefox's implementation
- Web Authentication Working Group Charter Extended
- [webauthn] Conflicting definition of AlgorithmIdentifier
- Re: [webauthn] Clarify meaning of UVI
- Re: [webauthn] Clarify meaning of UVI
- Re: [webauthn] Clarify meaning of UVI
Tuesday, 8 August 2017
- Re: [webauthn] Not necessary to pass AuthenticatorSelectionCriteria members to authenticatorMakeCredential()
- Re: [webauthn] Not necessary to pass AuthenticatorSelectionCriteria members to authenticatorMakeCredential()
- [webauthn] Not necessary to pass AuthenticatorSelectionCriteria members to authenticatorMakeCredential()
- 08/09/2017 W3C Web Authentication WG Meeting Agenda
- Re: New concall coordinates
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
Monday, 7 August 2017
Tuesday, 8 August 2017
Monday, 7 August 2017
- Re: [webauthn] Enable web developers to migrate keys from one domain to another
- [w3c/webauthn] 88105f: Built by Travis-CI: 73d4461c525c51e96bb03659a52388...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 73d446: nomalizedAlgorithm->credTypesAndPubKeyAlgs; fixup ...
- Closed: [webauthn] do not need to normalize web crypto params any longer
- [webauthn] new commits pushed by selfissued
- Re: [webauthn] nomalizedAlgorithm->credTypesAndPubKeyAlgs
- Re: [webauthn] overall security considerations section or document
- [w3c/webauthn] e9b8d4: nomalizedAlgorithm->credTypesAndPubKeyAlgs; fixup ...
- [webauthn] new commits pushed by equalsJeffH
- Questions over Firefox's implementation
- Re: [webauthn] Operating System Vendor Public Key Infrastructure and Web Authentication
Sunday, 6 August 2017
Friday, 4 August 2017
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- [w3c/webauthn] e44a7a: add links to scribe/bot instructions
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Operating System Vendor Public Key Infrastructure and Web Authentication
- Re: [webauthn] fixup algs contd 3
- [webauthn] do not need to normalize web crypto params any longer
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- RE: All WD-06 issues and PRs are closed
- RE: All WD-06 issues and PRs are closed
- Re: All WD-06 issues and PRs are closed
- RE: All WD-06 issues and PRs are closed
- [w3c/webauthn] b34da8: Built by Travis-CI: cca20d3dd8ac7713904b3ceecd2e0b...
- [webauthn] new commits pushed by WebAuthnBot
- All WD-06 issues and PRs are closed
- Closed: [webauthn] Update Attestation Object figure to match the spec
- Re: [webauthn] Update Attestation Object figure to match the spec
- Closed: [webauthn] Is AlgorithmIdentifier value a string or an object?
- Re: [webauthn] Is AlgorithmIdentifier value a string or an object?
- [w3c/webauthn] cca20d: Use COSE_Key and COSE Algorithm Identifiers (#514)
- [webauthn] new commits pushed by selfissued
- Re: [webauthn] cose key fixups
- Re: [webauthn] cose key fixups
- Re: [webauthn] cose key fixups
- Re: [webauthn] Use COSE_Key and COSE Algorithm Identifiers
Thursday, 3 August 2017
- Re: [webauthn] Update Attestation Object figure to match the spec
- Should isPlatformAuthenticatorAvailable be a method or attribute?
- Re: [webauthn] Update Attestation Object figure to match the spec
- Re: [webauthn] Use COSE_Key and COSE Algorithm Identifiers
- Re: [webauthn] Add isPlatformAuthenticatorReady function to the API surface
- [webauthn] Update Attestation Object figure to match the spec
- Re: [webauthn] Use COSE_Key and COSE Algorithm Identifiers
- [w3c/webauthn] a4f0ca: Built by Travis-CI: e1faf59f86e5903ce4063c1b68b832...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] e1faf5: Restrict WebAuthn support to valid domains (#515)
- [webauthn] new commits pushed by selfissued
- Closed: [webauthn] restrict webauthn support to "valid domains" ?
Wednesday, 2 August 2017
- review comments on PR #515
- Re: [webauthn] restrict webauthn support to "valid domains" ?
- [webauthn] document why only "valid domain" format is allowed for "effective domain"
- Securing Social Media and Email
- Re: [webauthn] restrict webauthn support to "valid domains" ?
- [w3c/webauthn] b52466: Built by Travis-CI: 3e2ada84b66318320d690c49e22c22...
- [webauthn] new commits pushed by WebAuthnBot
- Closed: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- [w3c/webauthn] 3e2ada: Add isPlatformAuthenticatorReady function to the A...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] 19a7ce: Built by Travis-CI: a9fad51b4a9eb7a0eb9e2f77e403f4...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] a9fad5: Adds requireUserVerification option in Authenticat...
- [webauthn] new commits pushed by selfissued
- Closed: [webauthn] requireUserVerification option in AuthenticatorSelectionCriteria
- [w3c/webauthn] c4ab97: Built by Travis-CI: 561fd2cc911fabf81307150794a18b...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 561fd2: Add a script to update .spec-data, and update the ...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] 25889a: Added note about using intentionally short identif...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] 4b6ac4: Use consistent identifier case
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] 479b4b: Shortened selection and attachment identifiers sen...
- [webauthn] new commits pushed by selfissued
- [w3c/webauthn] 197007: Enhance descriptions of UP and UV bits as suggeste...
- [webauthn] new commits pushed by selfissued
- New concall coordinates
- Closed: [webauthn] PublicKeyCredentialRequestOptions and MakeCredentialOptions could both inherit from a dictionary which has their shared members
- Re: [webauthn] PublicKeyCredentialRequestOptions and MakeCredentialOptions could both inherit from a dictionary which has their shared members
- review comments on PR #379
- Re: [webauthn] fixup algs contd 3
- Re: [webauthn] PublicKeyCredentialRequestOptions and MakeCredentialOptions could both inherit from a dictionary which has their shared members
- 08/02/2017 W3C Web Authentication WG Meeting Agenda