Re: [webauthn] hostname canonicalization in {#makeCredential} section?
CredMan Schedule
Focus for 04/05/2016 W3C WebAuthentication WG Meeting
Web Authentication WG PAG Recommends Continued WOrk
[webauthn] Protect against TLS MiTM by including TLS cert chain in signature
Reminder no w3c WebAuthn meeting today
WebAuthn Registries document now an Internet Draft
[w3c/webauthn] b27cb9: Built by Travis-CI: 94a30ff2498b5ee8b2b0898c596e1e...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 9dac88: add rendered -00d in .html .txt
[webauthn] new commits pushed by selfissued
[w3c/webauthn] e20767: unversion rendered -webauthn-registries files
[webauthn] new commits pushed by equalsJeffH
Re: [webauthn] fix webauthn ref in -webauthn-registries to link to webauthn editors' draft
[w3c/webauthn] 9dac88: add rendered -00d in .html .txt
[webauthn] new commits pushed by equalsJeffH
Closed: [webauthn] Add "registration extension" and "authentication extension" to glossary
Re: [webauthn] Add "registration extension" and "authentication extension" to glossary
[w3c/webauthn] 4913e9: Built by Travis-CI: da9520ab40268541833f64e7436c12...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] da9520: Align registries draft and WebAuthn draft and addr...
[webauthn] new commits pushed by vijaybh
Re: [webauthn] Separated proposed changes to extension semantics from PR #386 and use TypeError, per @jyasskin
Please review PR #386
Separated proposed changes to extension semantics from PR #386 and use TypeError, per @jyasskin
[w3c/webauthn] 0a0853: Built by Travis-CI: 84795c6bf1ea482488654e2eb02cb2...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 84795c: Typo: Fix a linking error after DAA merge. (#388)
Re: [webauthn] Processing model for extensions is very underdefined
[webauthn] Consider empty allowLists
[w3c/webauthn] a5ce49: Built by Travis-CI: 3351e05f4103836377b4d9b1411aac...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn]
[w3c/webauthn] 0154cb: replaced DAA root key by daaKeyId. Added proper r...
[w3c/webauthn] 2ba5eb: Built by Travis-CI: dbce688512007c2a0d52ff3cac1f2e...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] dbce68: Rename Account and ClientData fixes #312 (#344)
Closed: [webauthn] Consider scoping Account and ClientData
[webauthn] new commits pushed by vijaybh
can't add...
03/22/2017 W3C Web Authentication WG Meeting Agenda
Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
- Re: [webauthn] Align registries draft and WebAuthn draft and address extension issues
Re: [webauthn] Why are various predefined extensions defined as extensions, and not just parts of the spec?
Re: [webauthn] What ensures any semblance of interop for WebAuthnExtensions?
Re: [webauthn] Propose procedure for adding to attestation/extension registry
- Re: [webauthn] Propose procedure for adding to attestation/extension registry
- Re: [webauthn] Propose procedure for adding to attestation/extension registry
Align registries draft and WebAuthn draft and address extension issues
Re: [webauthn] Spec should not mandate behavior of server
[w3c/webauthn] bed7c2: replaced DAA by ECDAA since this is the only varia...
[webauthn] new commits pushed by rlin1
[webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- Re: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- Re: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- Re: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- Closed: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
- Re: [webauthn] daaKey format? (ECPointToB -> ECPoint2ToB)
Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
- Re: [webauthn] Enable RP to choose authenticators based on key storage capability
[w3c/webauthn] 2fd769: Change keystorage option as requireResidentKey fla...
[webauthn] new commits pushed by AngeloKai
Re: [webauthn] Add gesture verification parameter to option in both makeC and getA
[w3c/webauthn] 370dc7: Built by Travis-CI: be9240a66b18b1a564118374ed96ec...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] be9240: alloc ArrayBuffers in correct global, fixes #293, ...
[w3c/webauthn]
Closed: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
[webauthn] new commits pushed by vijaybh
Re: [webauthn] replaced DAA root key by daaKeyId. Added proper references
[w3c/webauthn] 9148ef: Built by Travis-CI: 480d958aadde0602703a9a01c8daa9...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 480d95: Tiny typo in 'ScopedCredentialDesciptor'. (#383)
Re: [webauthn] Tiny typo in 'ScopedCredentialDesciptor'.
[webauthn] new commits pushed by vijaybh
Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
- Re: [webauthn] Strawman of an integration between WebAuthn and Credential Management.
mike west on Credential Management & WebAuthn status
Re: [webauthn] Specify the set of hash algorithms UAs can select between.
Re: [webauthn] Define what happens when the Document loses focus
[webauthn] Describe attacks on privacy that are allowed/prevented
fyi: webkit intent to implement Credential Management Level 1
[w3c/webauthn] 9d8ac4: fix typo. See #233
[webauthn] new commits pushed by rlin1
Re: [webauthn] detail-level issues in signature format, attestation format(s), attestation statement
[w3c/webauthn] 0154cb: replaced DAA root key by daaKeyId. Added proper r...
[webauthn] new commits pushed by rlin1
Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
- Re: [webauthn] alloc ArrayBuffers in correct global
Re: [webauthn] "NotAllowedError" is in WebIDL editors draft but not in WebIDL Level 1
03/15/2017 W3C Web Authentication WG Meeting Agenda
- RE: 03/15/2017 W3C Web Authentication WG Meeting Agenda
- Re: 03/15/2017 W3C Web Authentication WG Meeting Agenda
[webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
- Re: [webauthn] Should the WebAuth API have a cancel() method?
[w3c/webauthn] 15c000: fixes linking issues and add resident key in authe...
[webauthn] new commits pushed by AngeloKai
[w3c/webauthn] ec625e: alloc ArrayBuffers in correct global, fixes #293, ...
[webauthn] new commits pushed by equalsJeffH
[webauthn] makeCredential should be more precise than NotAllowedError in its last step
- Re: [webauthn] makeCredential should be more precise than NotAllowedError in its last step
- Re: [webauthn] makeCredential should be more precise than NotAllowedError in its last step
- Re: [webauthn] makeCredential should be more precise than NotAllowedError in its last step
Re: [webauthn] Explain how Token Binding IDs get associated with an HTML context.
- Re: [webauthn] Explain how Token Binding IDs get associated with an HTML context.
- Re: [webauthn] Explain how Token Binding IDs get associated with an HTML context.
[w3c/webauthn] 7bac17: Jeffh canonicalize markup (#370)
[webauthn] new commits pushed by AngeloKai
Re: [webauthn] "might be present on this authenticator" could use a clearer definition
Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
- Re: [webauthn] Please ensure that all ArrayBuffer creations are done explicitly, in the correct global
Re: [webauthn] What does it mean to "get assertions" in getAssertion step 7?
Closed: [webauthn] What does it mean to "get assertions" in getAssertion step 7?
Closed: [webauthn] Creation of WebAuthnAssertion in getAssertion should probably be more explicit
Re: [webauthn] Creation of WebAuthnAssertion in getAssertion should probably be more explicit
Closed: [webauthn] getAssertion needs to not go async before making a copy of the assertionChallenge
Re: [webauthn] getAssertion needs to not go async before making a copy of the assertionChallenge
Closed: [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async
Re: [webauthn] Need to clearly define what it means to SHA-256 hash the "host" output of the document.domain setter
Closed: [webauthn] Need to clearly define what it means to SHA-256 hash the "host" output of the document.domain setter
Re: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel
Closed: [webauthn] There is no "current settings object" in algorithm steps that are executing in parallel
Re: [webauthn] Does "Then asynchronously continue executing the following steps" mean "in parallel"?
Closed: [webauthn] Does "Then asynchronously continue executing the following steps" mean "in parallel"?
[w3c/webauthn] e27217: Built by Travis-CI: 985f88e1effa1662117d88fd0f9f6e...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 985f88: fixup getAssertion, polish algorithms (#371)
[w3c/webauthn]
Closed: [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit
Closed: [webauthn] The concept "empty" is not really defined for IDL sequences
[webauthn] new commits pushed by vijaybh
Closed: [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee
Closed: [webauthn] The steps for makeCredential do a bunch of implicit getting of members
[w3c/webauthn] e20015: apply global and task src to getA() fixes #277
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 1c84e8: polish token binding occurances
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] caade2: add 'spec roadmap' section as discussed with vijay...
[webauthn] new commits pushed by equalsJeffH
Re: [administrivia] wrt deleted branches and closed PR in webauthn repo
[w3c/webauthn] cbf417: Built by Travis-CI: 4edcb919532767ff95dd671baa1cb3...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 172959: make getAssertion() more precise a la makeCredenti...
[webauthn] new commits pushed by equalsJeffH
wrt deleted branches and closed PR in webauthn repo
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn]
[w3c/webauthn] 31bed4: added key storage parameter to the spec
[webauthn] new commits pushed by AngeloKai
Dirk's presentation of the relationship between CredMan and WebAuthn
[w3c/webauthn] bf6d61: fixing relevant origin bugs, thx vijaybh!
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] f1bc28: cleanup fixes for #254 and #271
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 48e1b6: fix getA() cutnpaste: ScopedCredentialOptions => A...
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] b89275: update acks
[webauthn] new commits pushed by equalsJeffH
CredMan Credential Scoping and Webauthn
[w3c/webauthn] 4edcb9: Fix broken TPM links
[webauthn] new commits pushed by equalsJeffH
Re: [webauthn] ScopedCredentialDescriptor can contain BufferSources that are processed async
Re: [webauthn] callerOrigin isn't actually the origin of the caller; it's the origin of the callee
[webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
- Re: [webauthn] restrict WebAuthentication API to only top level browsing context
[w3c/webauthn] eee29f: fixes some of the prior 'fixes' (haste made waste)
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 9aaa4a: 'was specd'=>'present/not present' fixes #251. + m...
[webauthn] new commits pushed by equalsJeffH
[webauthn] follow Bluetooth and NFC brand usage guidance
Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
- Re: [webauthn] Rename Account and ClientData fixes #312
PR #344
[w3c/webauthn] 43fd00: fixes per vijaybh's review.
[webauthn] new commits pushed by equalsJeffH
RE: 03/08/2017 W3C Web Authentication WG Meeting Agenda
[webauthn] Justify differences in TPM Attestation Verification procedures in WebAuthn versus TCG specifications
[w3c/webauthn] abfa91: Built by Travis-CI: 4edcb919532767ff95dd671baa1cb3...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn] 4edcb9: Fix broken TPM links
[webauthn] new commits pushed by vijaybh
TPM hyperlinks broken?
Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
- Re: [webauthn] fixup getAssertion, polish algorithms
Closed: [webauthn] Should attestationChallenge be snapshotted in makeCredential, or used before going async?
Re: [webauthn] Should attestationChallenge be snapshotted in makeCredential, or used before going async?
Closed: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
- Re: [webauthn] Exception handling in cryptoParameters processing needs to be clarified
[w3c/webauthn]
[w3c/webauthn] 172959: make getAssertion() more precise a la makeCredenti...
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn]
[w3c/webauthn] 7bac17: Jeffh canonicalize markup (#370)
Re: [webauthn] `rpID` origin relaxation?
Closed: [webauthn] `rpID` origin relaxation?
[w3c/webauthn] 609ad6: Fix two typos and some locally anomalous line leng...
[w3c/webauthn] 795cb4: Built by Travis-CI: 7bac171a7380ca2ce7fcd6deafb0fc...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn]
[webauthn] new commits pushed by vijaybh
Re: [webauthn] Jeffh canonicalize markup
[webauthn] new commits pushed by vijaybh
[webauthn] new commits pushed by AngeloKai
[webauthn] new commits pushed by AngeloKai
[w3c/webauthn] aee0c0: Refine makeCredential description (#369)
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] aee0c0: Refine makeCredential description (#369)
[w3c/webauthn] 66a296: Refine makeCredential description
[w3c/webauthn] 652551: Built by Travis-CI: aee0c081ff073637a67070cb446387...
[webauthn] new commits pushed by WebAuthnBot
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn]
[webauthn] new commits pushed by vijaybh
[w3c/webauthn] b0f283: Incorporate feedback from JeffH, part 3
[w3c/webauthn] c85f7a: Incorporate feedback from JeffH, part 2
[webauthn] new commits pushed by vijaybh
[w3c/webauthn] 7ccb88: refine user verification and authz gesture definit...
[webauthn] new commits pushed by vijaybh
Re: [webauthn] Refine makeCredential description
- Re: [webauthn] Refine makeCredential description
- Re: [webauthn] Refine makeCredential description
- Re: [webauthn] Refine makeCredential description
- Re: [webauthn] Refine makeCredential description
[w3c/webauthn] 644551: Incorporate feedback from JeffH, part 1
[webauthn] new commits pushed by vijaybh
Re: [webauthn] Define extension client processing more carefully.
Re: [webauthn] Constrain the "reasonable range" of timeouts
reviewed issues, closed some, assigned subtypes
Re: [webauthn] Privacy concerns with blacklist/whitelist
Re: [webauthn] Privacy across Account IDs
Re: [webauthn] Credential ID not signed
Closed: [webauthn] Credential ID not signed
editorial: fixup all '<a>...</a>' to be '[=...=]' ?
- RE: editorial: fixup all '<a>...</a>' to be '[=...=]' ?
- RE: editorial: fixup all '<a>...</a>' to be '[=...=]' ?
Re: [webauthn] Drop UAF references in favor of better explanation
[w3c/webauthn] 585377: Built by Travis-CI: 7ccb88203be7b7d521d9fe000ceb4e...
Closed: [webauthn] Do we need "Algorithm Usage Location(s)" and "JOSE Implementation Requirements" in the IANA Considerations section?
Re: [webauthn] Do we need "Algorithm Usage Location(s)" and "JOSE Implementation Requirements" in the IANA Considerations section?
[w3c/webauthn] 66a296: Refine makeCredential description
Re: [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit
- Re: [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit
- Re: [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit
- Re: [webauthn] Creation of ScopedCredentialInfo in makeCredential should probably be more explicit
[webauthn] new commits pushed by vijaybh
[w3c/webauthn] 7ccb88: refine user verification and authz gesture definit...
[webauthn] new commits pushed by WebAuthnBot
[w3c/webauthn]
[webauthn] new commits pushed by vijaybh
Closed: [webauthn] User Verification definition needs to be refined
Closed: [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them
Re: [webauthn] Please coordinate with the HTML spec to extract the relevant bits of the document.domain setter so you can call them
Re: [webauthn] What does normalizedParameters actually contain in makeCredential?
[w3c/webauthn] d8b6c8: refine user verification dfn
[w3c/webauthn] 7b85ee: polish 'user consent' dfn per jcjones comment
Re: [webauthn] refine user verification and authz gesture definitions, add Test of User Presence
- Re: [webauthn] refine user verification and authz gesture definitions, add Test of User Presence
- Re: [webauthn] refine user verification and authz gesture definitions, add Test of User Presence
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 50c961: fix build by adding the proverbial missing comma.....
[webauthn] new commits pushed by equalsJeffH
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 546f82: Make makeCredential() more precise. (#347)
[webauthn] new commits pushed by equalsJeffH
[w3c/webauthn] 951a76: Built by Travis-CI: 546f82fccf9d676c49a0af109a7f11...
[w3c/webauthn] 546f82: Make makeCredential() more precise. (#347)
[w3c/webauthn] 502fc6: Built by Travis-CI: c42a822a357c1697c999d930106ed6...
[w3c/webauthn] c42a82: Make hashAlg a "recognized algorithm name". (#352)
[webauthn] new commits pushed by WebAuthnBot
[webauthn] new commits pushed by WebAuthnBot
[webauthn] new commits pushed by vijaybh
Closed: [webauthn] What does "If normalizedAlgorithm is empty" mean?
Closed: [webauthn] I don't understand how to create a ClientData in makeCredential
[webauthn] new commits pushed by vijaybh
Closed: [webauthn] WebCryptoAPI's "normalizing an algorithm" cannot be done as part of async steps
Closed: [webauthn] What does normalizedParameters actually contain in makeCredential?
Re: [webauthn] Make makeCredential() more precise.
Re: [webauthn] Add keyStorage enum to ScopedCredentialOptions
- Re: [webauthn] Add keyStorage enum to ScopedCredentialOptions
- Re: [webauthn] Add keyStorage enum to ScopedCredentialOptions
- Re: [webauthn] Add keyStorage enum to ScopedCredentialOptions
Re: [webauthn] Editorial: use more elaborate variable names
Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
- Re: [webauthn] Throw NotFoundError when no authenticator is available
Re: [webauthn] Make hashAlg a "recognized algorithm name".
Re: [webauthn] TAG review feedback: Align Credential interface with Credential Management?
Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR
- Re: [webauthn] Credential CBOR