Tuesday, 28 February 2017
- Re: [webauthn] Add gesture verification parameter to option in both makeC and getA
- [webauthn] Add keyStorage enum to ScopedCredentialOptions
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] Make makeCredential() more precise.
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- new issue/PR label: [subtype:CTAP]
- Re: [webauthn] "rp" isn't a widely enough known acronym?, should be relyingParting instead?
- Re: [webauthn] Editorial: use more elaborate variable names
- Re: [webauthn] Make makeCredential() more precise.
- Re: [webauthn] Editorial: use more elaborate variable names
- [w3c/webauthn] ce3151: improve ceremony dfn, add Angelo to ACKs
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] refine user verification and authz gesture definitions, add Test of User Presence
- [w3c/webauthn] 945168: fix build: add comma to refs
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] 93eca4: further polish #357
- [webauthn] new commits pushed by equalsJeffH
Monday, 27 February 2017
- [webauthn] Credential CBOR
- Re: [webauthn] Editorial: use more elaborate variable names
- Closed: [webauthn] Editorial: use more elaborate variable names
- Re: [webauthn] Explain how Token Binding IDs get associated with an HTML context.
Saturday, 25 February 2017
- Re: [webauthn] Editorial: use more elaborate variable names
- Re: [webauthn] "rp" isn't a widely enough known acronym?, should be relyingParting instead?
- Re: [webauthn] Make makeCredential() more precise.
Friday, 24 February 2017
- [w3c/webauthn]
- Re: [webauthn] User Verification definition needs to be refined
- [w3c/webauthn] f6d7a6: refine user verif and authz gesture, fixes #357, i...
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Constrain the "reasonable range" of timeouts
- [webauthn] Define extension client processing more carefully.
- [webauthn] Specify the set of hash algorithms UAs can select between.
- Re: [webauthn] What does "If normalizedAlgorithm is empty" mean?
- [webauthn] define what to do if both normalizedAlgorithm and cryptoParameters are empty
- Re: [webauthn] What does "If normalizedAlgorithm is empty" mean?
- Re: [webauthn] Editorial: use more elaborate variable names
- Re: [webauthn] Make hashAlg a "recognized algorithm name".
- [webauthn] Explain how Token Binding IDs get associated with an HTML context.
- Re: [webauthn] What does "If normalizedAlgorithm is empty" mean?
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] Make hashAlg a "recognized algorithm name".
- Re: [webauthn] User Verification definition needs to be refined
- Re: [webauthn] User Verification definition needs to be refined
- Re: [webauthn] Make hashAlg a "recognized algorithm name".
- Re: [webauthn] Add "willMakeCredentialWorkWithTheseConstraints()" method to the API
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] Add gesture verification parameter to option in both makeC and getA
- Reviewed PRs #347 & #348
- Re: [webauthn] WebAuthn available to Workers? aka "silent authentication"
- Re: [webauthn] Silent Authn? clarification of bit 0 in AuthenticatorData
Thursday, 23 February 2017
- [w3c/webauthn] 1a9352: Built by Travis-CI: 22a559f8db50f5d3854bc358c25908...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] f63a36: Bug #256 - Change "relaxing" of RP to the HTML "re...
- [webauthn] new commits pushed by jcjones
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
- Re: [webauthn] Bug #256 - Clarify call of the "Relaxing the Same-Origin Restriction" algorithm
- Re: [webauthn] Editorial: use more elaborate variable names
- [webauthn] Editorial: use more elaborate variable names
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
- Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
Wednesday, 22 February 2017
- Re: [webauthn] What does "If normalizedAlgorithm is empty" mean?
- another fairly new spec to be aware of: Infra (from WhatWG)
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
- Re: [webauthn] Bug #256 - Clarify call of the "Relaxing the Same-Origin Restriction" algorithm
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
- [w3c/webauthn] 3b2cae: Built by Travis-CI: 0c1a498ecf69e1b0431c2c674020ab...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 8eff39: Built by Travis-CI: cc73187dcd84cc70cbbcc095665277...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Track rename issues to maintain consistency
- Re: [webauthn] Track rename issues to maintain consistency
- [webauthn] Eliminate duplicate terminology
- [webauthn] User Verification definition needs to be refined
- [w3c/webauthn] 0ac166: Remove a bunch of unnecessary dfns and anchors.
- [w3c/webauthn] b65aea: updated the reference to FIDO ECDAA
- [w3c/webauthn]
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] Track rename issues to maintain consistency
- Re: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel
- Re: 02/22/2017 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] updated the reference to FIDO ECDAA
- Re: [webauthn] Add reference to FIDO ECDAA spec.
- Re: [webauthn] Add reference to FIDO ECDAA spec.
- [webauthn] Add reference to FIDO ECDAA spec.
- [w3c/webauthn] b65aea: updated the reference to FIDO ECDAA
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel
- Re: [webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
- Re: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel
- Re: [webauthn] Rename Account and ClientData fixes #312
- fyi: Writing Promise-Using Specifications
- F2F minutes posted
- RE: 02/22/2017 W3C Web Authentication WG Meeting Agenda
- 02/22/2017 W3C Web Authentication WG Meeting Agenda
Tuesday, 21 February 2017
- Re: [webauthn] Track rename issues to maintain consistency
- [webauthn] Fetch intergration for WebAuthn API
Monday, 20 February 2017
- Draft checklist for accessibility of technology, comment by 17 March
- Re: [webauthn] Bug #256 - Clarify call of the "Relaxing the Same-Origin Restriction" algorithm
Saturday, 18 February 2017
- Re: [webauthn] Clarify wording on authenticator selection
- Closed: [webauthn] Clarify wording on authenticator selection
Friday, 17 February 2017
- [webauthn] Track rename issues to maintain consistency
- Re: webauthn WD-04 published
- RE: webauthn WD-04 published
- Re: [webauthn] Make hashAlg a "recognized algorithm name".
- webauthn WD-04 published
Thursday, 16 February 2017
- [w3c/webauthn] fced1d: Built by Travis-CI: ce7925cac738fea9a7d81405815aef...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] ce7925: Updates to reflect publication of WD-04
- [webauthn] new commits pushed by vijaybh
- Re: [webauthn] Throw "NotFoundError" when internal authenticator is not available or not found
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
Wednesday, 15 February 2017
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] Is _rpId_ supposed to look like an origin serialization, or like a hostname?
- Re: [webauthn] References to "algorythm" and "alg" should be same string
- Re: [webauthn] References to "algorythm" and "alg" should be same string
- [webauthn] References to "algorythm" and "alg" should be same string
- Re: [webauthn] Make makeCredential() more precise.
- Closed: [webauthn] Unclear how ClientData is created in makeCredential()
- Re: [webauthn] Unclear how ClientData is created in makeCredential()
- Re: [webauthn] I don't understand how to create a ClientData in makeCredential
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
- Re: [webauthn] Define what happens when the Document loses focus
- Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
- [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- [w3c/webauthn] 1f470c: Built by Travis-CI: 02c4db116d8119b8a25ed307fdcc1f...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Timeouts should be in ms not seconds
- Closed: [webauthn] Timeouts should be in ms not seconds
- Re: [webauthn] timeoutSeconds options should just be timeout in ms?
- Closed: [webauthn] timeoutSeconds options should just be timeout in ms?
- [w3c/webauthn] 02c4db: Renamed timeoutSeconds to timeoutMilliseconds (#3...
- [webauthn] new commits pushed by vijaybh
- Re: [webauthn] Throw "NotFoundError" when internal authenticator is not available or not found
- Re: [webauthn] Unclear how ClientData is created in makeCredential()
- Re: [webauthn] Clarify wording on authenticator selection
- Re: [webauthn] Add explanation of why the account argument is useful
- Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
- [w3c/webauthn] ede26e: Built by Travis-CI: 0d9d89e66b3234b325b1d6fa651054...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 0d9d89: Highlight the examples as JavaScript and remove no...
- [webauthn] new commits pushed by vijaybh
- [w3c/webauthn] ed4cd4: Built by Travis-CI: b61bf0df4da547a51aab1dd71c32d6...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] b61bf0: Make BufferSource parameters actually BufferSource...
- [webauthn] new commits pushed by vijaybh
- Closed: [webauthn] Examples show a DOMString passed to challenge, but it's a BufferSource
Tuesday, 14 February 2017
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] Should WebAuthnAttestation attributes have constructors?
- Closed: [webauthn] Should WebAuthnAttestation attributes have constructors?
- Re: [webauthn] `rpID` origin relaxation?
- Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] WebAPI: FIDO Authenticator model - clarifications needed
- Re: [webauthn] Spec should not mandate behavior of server
- Re: [webauthn] Clarify names for crypto algs, e.g. RS256
- Re: [webauthn] Examples show a DOMString passed to challenge, but it's a BufferSource
- Re: [webauthn] Should use "RS1" instead of "RSA1_5"
- Closed: [webauthn] Should use "RS1" instead of "RSA1_5"
- [w3c/webauthn] 75a381: Built by Travis-CI: 9d94e5ff60cd5cff5d134f391c2cd6...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 9d94e5: allow u2f attestation to be chained (#342)
- [webauthn] new commits pushed by leshi
- Re: [webauthn] Should use "RS1" instead of "RSA1_5"
- [w3c/webauthn] 0b2748: better text wrapping
- [webauthn] new commits pushed by leshi
- [w3c/webauthn] a2290b: Built by Travis-CI: 233ff105822c1317b015ca776c6fd8...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 233ff1: Fix #335: Remove extraneous whitespace in IDL para...
- Closed: [webauthn] Whitespace around < > in Web IDL is unusual
- [webauthn] new commits pushed by leshi
- [w3c/webauthn] 1db4a9: allow u2f attestation to be chained
- [webauthn] new commits pushed by leshi
- [webauthn] Examples show a DOMString passed to challenge, but it's a BufferSource
- Re: [webauthn] Whitespace around < > in Web IDL is unusual
- Re: [webauthn] Should use "RS1" instead of "RSA1_5"
Monday, 13 February 2017
- [w3c/webauthn] 81e586: Built by Travis-CI: 85db884771c13f7c540db3a58b925c...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] 85db88: Clean up attestation, abstract it from UA, fix TPM...
- Closed: [webauthn] Consider using CDDL (CBOR data definition language) to define CBOR-encoded data structures
- Closed: [webauthn] RSA credential public key encoding in "attestation data" incorrectly specified?
- Closed: [webauthn] Define a U2F attestation format
- Closed: [webauthn] Can the "attestation" of a WebAuthnAttestation be a non-object?
- Closed: [webauthn] Why are some of the attestation interfaces [SecureContext] while others are not?
- Closed: [webauthn] Which of the attestation format interfaces are expected to be exposed in UAs?
- Closed: [webauthn] Add section describing verification of a WebAuthnAssertion
- Closed: [webauthn] Clarify uses of ClientData
- Closed: [webauthn] WebAPI: credential binding to a user account
- Closed: [webauthn] WebAPI: FIDO Authenticator model - clarifications needed
- Closed: [webauthn] differentiate assertion signatures and attestation signatures
- Closed: [webauthn] TPM attestation format spec is incomplete
- Closed: [webauthn] Simplifying attestation, take two
- Closed: [webauthn] should authenticator layer send hashed or unhashed rpId to authenticators?
- Closed: [webauthn] certifyinfo needs to be specified
- Closed: [webauthn] Spec should not mandate behavior of server
- Closed: [webauthn] "JSON serialization" in makeCredential probably needs to be defined more clearly
- Closed: [webauthn] explicitly denote RSA signature scheme
- [webauthn] new commits pushed by vijaybh
- Closed: [webauthn] 5.2.2. Generating a signature
- Closed: [webauthn] Clarify names for crypto algs, e.g. RS256
- Closed: [webauthn] fix signature alg names and RFC3447 cite in {#generating-an-attestation-statement}
- Re: [webauthn] Clean up attestation, abstract it from UA, fix TPM format, add U2F format
- [w3c/webauthn] 50bb26: Clean up attestation CDDL
- [webauthn] new commits pushed by vijaybh
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: U2F to WebAuthn (as of Vijay's PR)
- Re: [webauthn] Add clearer definition of API use cases to the spec
- U2F to WebAuthn (as of Vijay's PR)
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: [webauthn] Expose standard authenticator fields in JS objects, vs. binary
- CDDL tool
- [w3c/webauthn] ce9c18: fix CDDL marker for packed attestation
- [webauthn] new commits pushed by rlin1
- Re: [webauthn] Clean up attestation, abstract it from UA, fix TPM format, add U2F format
- Re: updated diffs of state of vgb-u2f-attestation branch (see PR #321)
- Re: [webauthn] `rpID` origin relaxation?
- [webauthn] `rpID` origin relaxation?
- [w3c/webauthn] 2ebdcf: Use CDDL to define attestation and extension struc...
- [webauthn] new commits pushed by vijaybh
Sunday, 12 February 2017
Saturday, 11 February 2017
Friday, 10 February 2017
- [w3c/webauthn] 1a9371: Built by Travis-CI: fc8f027bb8e0763bd78e0eac52f065...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] fc8f02: Update w3c.json
- [webauthn] new commits pushed by wseltzer
Thursday, 9 February 2017
- Re: [webauthn] Should use "RS1" instead of "RSA1_5"
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: [webauthn] "rp" isn't a widely enough known acronym?, should be relyingParting instead?
- Re: [webauthn] hashAlg -> hashAlgorithm?
- Re: [webauthn] Add cloud transport option to transport hint
- Re: [webauthn] overall security considerations section or document
- Re: [webauthn] overall security considerations section or document
- Re: [webauthn] Clean up attestation, abstract it from UA, fix TPM format, add U2F format
- [w3c/webauthn] c9b20a: Fix interface/member confusion
- [webauthn] new commits pushed by vijaybh
Wednesday, 8 February 2017
- W3C 02/13/2017 Web Authentication Face to Face Agenda
- Re: [webauthn] Renamed timeoutSeconds to timeoutMilliseconds
- Re: 02/08/2017 W3C Web Authentication WG Meeting Agenda
- [webauthn] Expose credential public key in `ScopedCredential`
- updated diffs of state of vgb-u2f-attestation branch (see PR #321)
- Re: [webauthn] Clean up attestation, abstract it from UA, fix TPM format, add U2F format
- [w3c/webauthn] 7642dd: Editorial revisions
- [webauthn] new commits pushed by vijaybh
- Fwd: Scribe instructions
Tuesday, 7 February 2017
Monday, 6 February 2017
- [w3c/webauthn] 4751da: Bikeshed renamed its include folder to boilerplate
- [webauthn] new commits pushed by vijaybh
- [w3c/webauthn] 097c8c: Built by Travis-CI: 4751dacb364be3d17ece4ee0ace060...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 4751da: Bikeshed renamed its include folder to boilerplate
- [webauthn] new commits pushed by vijaybh
- [w3c/webauthn] 1088d3: Fix bikeshed linking error
- [webauthn] new commits pushed by vijaybh
Friday, 3 February 2017
Thursday, 2 February 2017
- Re: [webauthn] Explainer or more examples?
- Re: [webauthn] Whitespace around < > in Web IDL is unusual
- Re: [webauthn] Whitespace around < > in Web IDL is unusual
- Re: [webauthn] Explainer or more examples?
Wednesday, 1 February 2017
- Closed: [webauthn] Explainer or more examples?
- Re: [webauthn] Explainer or more examples?
- Re: [webauthn] 5.2.2. Generating a signature
- Re: [webauthn] Whitespace around < > in Web IDL is unusual
- Closed: [webauthn] Whitespace around < > in Web IDL is unusual
- Re: [webauthn] Renamed timeoutSeconds to timeoutMilliseconds
- Re: [webauthn] Add cloud transport option to transport hint
- 02/01/2017 W3C Web Authentication WG Meeting Agenda