public-webauthn@w3.org from December 2017 by subject

12/06/2017 W3C Web Authentication WG Meeting Agenda

12/13//2017 W3C Web Authentication WG Meeting Agenda

12/20//2017 W3C Web Authentication WG Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 06af8b: fix 711 identifier internal slot contains credID (...

[w3c/webauthn] 0d5283: Change id -> ID (#722)

[w3c/webauthn] 0df649: address emlun's feedback, thx!

[w3c/webauthn] 12f2d0: revert master branch to editors' draft status

[w3c/webauthn] 1651dc: fix 711 identifier internal slot contains credID

[w3c/webauthn] 175813: Add note on why authenticator attachment ise used ...

[w3c/webauthn] 17e9c6: Built by Travis-CI: 269144c764db7818c9d149bd08e82c...

[w3c/webauthn] 1ef97e: Built by Travis-CI: 986d6275555e1b9cdd58dc1fcb6df3...

[w3c/webauthn] 22b11a: Built by Travis-CI: 06af8bc949948fe4d7554f0bd59d94...

[w3c/webauthn] 269144: Fix issue #685 (#686)

[w3c/webauthn] 2752db: Address review comments by @equalsJeffH

[w3c/webauthn] 301468: move the credentialId uniqueness handling to the f...

[w3c/webauthn] 337d53: fix broken {{PublicKeyCredentialEntity/id}} links ...

[w3c/webauthn] 34caca: fix aaguid dfn and linking errors

[w3c/webauthn] 372f15: Built by Travis-CI: a6c0da2f14924a52cd20d94f380128...

[w3c/webauthn] 3938fc: Address review comments by @akshayku

[w3c/webauthn] 3b2a1d: Don't return user handle in getAssertion in 2nd fa...

[w3c/webauthn] 41c70a: Built by Travis-CI: 0d52835299a025a114007dcb22bf5c...

[w3c/webauthn] 44ba0c: Built by Travis-CI: 12f2d09a437489e69b0c482e664642...

[w3c/webauthn] 502915: fix #455: we are using CTAP canonical CBOR encodin...

[w3c/webauthn] 579a96: Built by Travis-CI: 8f349fefbba8326f493e7bfeb4150c...

[w3c/webauthn] 5e63e5: Resolve linking errors for WD-07 publication (#703...

[w3c/webauthn] 6734b9: Specify that SHA-256 is used for hashing the clien...

[w3c/webauthn] 758115: Updated editors and acknowledgements (#726)

[w3c/webauthn] 887b12: Built by Travis-CI: 8ea5208a01c5993149077e86ef697d...

[w3c/webauthn] 8b64e8: update COSE_Key format description parag

[w3c/webauthn] 8ea520: Add formal links to PublicKeyCredentialDescriptor ...

[w3c/webauthn] 8f349f: Correct Android Key attestation verification proce...

[w3c/webauthn] 986d62: Don't say user handle is optional in Public Key Cr...

[w3c/webauthn] 99bacc: Added John Bradley to Acknowledgements

[w3c/webauthn] 9a7eba: fix broken {{PublicKeyCredentialEntity/id}} links ...

[w3c/webauthn] a32e84: Fix typo

[w3c/webauthn] a6c0da: move the credentialId uniqueness handling to the f...

[w3c/webauthn] a7afbf: Change id -> ID

[w3c/webauthn] bdfb14: Built by Travis-CI: f780ca85a74f664bea4890bd1111a6...

[w3c/webauthn] bff719: Built by Travis-CI: 9a7eba85fb463531382e3660511947...

[w3c/webauthn] c7149f: incorp akshayku's comment, thx!

[w3c/webauthn] ca976a: consolidate sec cons sections, create priv cons

[w3c/webauthn] ce9b30: Built by Travis-CI: 6734b92a8831b37c423e973d81624e...

[w3c/webauthn] d448eb: Don't say user handle is optional in Public Key Cr...

[w3c/webauthn] d77acb: Update index.bs

[w3c/webauthn] e33f9f: Built by Travis-CI: 33ac796035b250d29ddf056ac04431...

[w3c/webauthn] e38a37: Un-hardcode step numbers in RP operations

[w3c/webauthn] ed665a: Built by Travis-CI: 99baccf8be8abf78607e4a86bad809...

[w3c/webauthn] f0342a: Add formal links to PublicKeyCredentialDescriptor ...

[w3c/webauthn] f11fca: Built by Travis-CI: 5e63e5780a531a1cf8cf0e9f9e9b55...

[w3c/webauthn] f57729: be more precise about what ceremony we mean

[w3c/webauthn] f780ca: Add note on why authenticator attachment ise used ...

[w3c/webauthn] fdcf61: Address most of @equalsJeffH's review comments

[webauthn] "5.4. Options for Credential Creation" still lists PublicKeyCredentialUserEntity.name

[webauthn] #420: Add note on why authenticator attachment is used only in create()

[webauthn] [[identifier]]

[webauthn] Add privacy consideration about terminating getAssertion early

[webauthn] Adding CDDL to txAuthSimple

[webauthn] Ask for tests for normative changes in CONTRIBUTING.md

[webauthn] Authenticator selection extension - should makeCredential fail if no specified authenticator can be found?

[webauthn] Authnr selection aaguidlist

[webauthn] Biometric Criteria Extension

[webauthn] Bug: getAssertion accidentally calls authenticatorGetAssertion in first factor mode

[webauthn] CDDL description of location extension

[webauthn] choose consistent section id prefix

[webauthn] clarify "authenticator model": RPs may perform feature-based authenticator selection

[webauthn] Closed Pull Request: Fix #720: Don't return user handle in 2nd factor mode

[webauthn] Closed Pull Request: Update the RP operation section to be "not normative"

[webauthn] cognitive-accessibility consideration

[webauthn] Consider requiring canonical CBOR throughout

[webauthn] Consider using "parse JSON from bytes"

[webauthn] Contradiction in whether user handle is required

[webauthn] Correct Android Key attestation verification procedure

[webauthn] Credential ID uniqueness expectations are inconsistent/vague

[webauthn] Crypto algorithm agility: e.g., Specify the set of hash algorithms UAs can select between.

[webauthn] define "blinding"

[webauthn] Describe how authenticators unique and find credential sources.

[webauthn] Extension identifiers in examples are inconsistent with registered identifiers

[webauthn] FIDO U2F Attestation Statement Format needs to clarify that user handle will be empty

[webauthn] fix #322: flesh out Security Considerations (for now)

[webauthn] Fix #622: Clarify PublicKeyCredentialEntity name descriptions

[webauthn] Fix #713: Define JSON deserialization

[webauthn] Fix #716: Add formal links to PublicKeyCredentialDescriptor description

[webauthn] Fix #720: Align user handle management with CTAP

[webauthn] Fix #720: Don't return user handle in 2nd factor mode

[webauthn] fix 711 identifier internal slot contains credID

[webauthn] fix broken {{PublicKeyCredentialEntity/id}} links to be..

[webauthn] Fix issue #685

[webauthn] JSON deserialization is not defined

[webauthn] Merged Pull Request: #420: Add note on why authenticator attachment is used only in create()

[webauthn] Merged Pull Request: CDDL description of location extension

[webauthn] Merged Pull Request: Change id -> ID

[webauthn] Merged Pull Request: Correct Android Key attestation verification procedure

[webauthn] Merged Pull Request: Fix #716: Add formal links to PublicKeyCredentialDescriptor description

[webauthn] Merged Pull Request: Fix #720: Contradiction in whether user handle is required

[webauthn] Merged Pull Request: fix 711 identifier internal slot contains credID

[webauthn] Merged Pull Request: fix broken {{PublicKeyCredentialEntity/id}} links to be..

[webauthn] Merged Pull Request: move the credentialId uniqueness handling to the formal alg steps.

[webauthn] Merged Pull Request: Resolve linking errors for WD-07 publication

[webauthn] Merged Pull Request: Specify that SHA-256 is used for hashing the client data.

[webauthn] Merged Pull Request: Updated editors and acknowledgements

[webauthn] move the credentialId uniqueness handling to the formal alg steps.

[webauthn] musings wrt webauthn's profile of COSE_Key

[webauthn] Need to fix android key attestation verification procedure

[webauthn] new commits pushed by AngeloKai

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by gmandyam

[webauthn] new commits pushed by jcjones

[webauthn] new commits pushed by rlin1

[webauthn] new commits pushed by selfissued

[webauthn] new commits pushed by WebAuthnBot

[webauthn] Normalize RFC2119 langugage

[webauthn] PublicKeyCredentialDescriptor.id needs a more precise definition

[webauthn] Pull Request: Adding CDDL to txAuthSimple

[webauthn] Pull Request: Change id -> ID

[webauthn] Pull Request: Correct Android Key attestation verification procedure

[webauthn] Pull Request: fix #322: flesh out Security Considerations (for now)

[webauthn] Pull Request: fix #455: we are using CTAP canonical CBOR encoding form everywhere

[webauthn] Pull Request: Fix #713: Define JSON deserialization

[webauthn] Pull Request: Fix #716: Add formal links to PublicKeyCredentialDescriptor description

[webauthn] Pull Request: Fix #720: Contradiction in whether user handle is required

[webauthn] Pull Request: Fix #720: Don't return user handle in 2nd factor mode

[webauthn] Pull Request: fix 543: improve COSE_Key spec language and add COSE_Key examples

[webauthn] Pull Request: fix 711 identifier internal slot contains credID

[webauthn] Pull Request: fix broken {{PublicKeyCredentialEntity/id}} links to be..

[webauthn] Pull Request: move the credentialId uniqueness handling to the formal alg steps.

[webauthn] Pull Request: Resolve linking errors for WD-07 publication

[webauthn] Pull Request: Rework the FIDO AppID extension.

[webauthn] Pull Request: Specify that SHA-256 is used for hashing the client data.

[webauthn] Pull Request: Updated editors and acknowledgements

[webauthn] remove alg argument lists in Abort Operation section

[webauthn] Resolve linking errors for WD-07 publication

[webauthn] restrict WebAuthentication API to only top level browsing context

[webauthn] Review acknowledgments and editors list

[webauthn] Rework the FIDO AppID extension.

[webauthn] Specify that SHA-256 is used for hashing the client data.

[webauthn] txAuthSimple does not conform to extension requirements

[webauthn] update extensions framework to include interfacing with user agent permissions framework

[webauthn] Update session management for BT

[webauthn] Update the RP operation section to be "not normative"

[webauthn] Updated editors and acknowledgements

[webauthn] updating spec attribution

[webauthn] User Verification Method (uvm) extension incorrectly mentions user verification *index*

[webauthn] UVM Extension Editorial Change

[webauthn] various issues with AppId extension

Call for Consensus

Closed: [webauthn] "5.4. Options for Credential Creation" still lists PublicKeyCredentialUserEntity.name

Closed: [webauthn] [[identifier]]'s explanation ought to link to [=credential ID=]

Closed: [webauthn] Bug: getAssertion accidentally calls authenticatorGetAssertion in first factor mode

Closed: [webauthn] Contradiction in whether user handle is required

Closed: [webauthn] Credential ID uniqueness expectations are inconsistent/vague

Closed: [webauthn] Crypto algorithm agility: e.g., Specify the set of hash algorithms UAs can select between.

Closed: [webauthn] Extension identifiers in examples are inconsistent with registered identifiers

Closed: [webauthn] Need to fix android key attestation verification procedure

Closed: [webauthn] PublicKeyCredentialDescriptor.id needs a more precise definition

Closed: [webauthn] remove alg argument lists in Abort Operation section

Closed: [webauthn] restrict WebAuthentication API to only top level browsing context

Closed: [webauthn] Review acknowledgments and editors list

Closed: [webauthn] there is no {{PublicKeyCredentialEntity/id}}

Closed: [webauthn] User Verification Method (uvm) extension incorrectly mentions user verification *index*

Closed: [webauthn] UVM Extension Editorial Change

Diffs of WebAuthn WD-07 from WD-06

Implementation status question from WCAG 2.1

Link for rendered HTML Diff WD-07 from WD-06

release page for Web Authentication Working Draft rev 7 (WD-07)

WD-07 is officially published

Last message date: Saturday, 30 December 2017 08:31:09 UTC