W3C home > Mailing lists > Public > public-webauthn@w3.org > November 2017

[webauthn] new commits pushed by balfanz

From: balfanz via GitHub <sysbot+gh@w3.org>
Date: Sat, 11 Nov 2017 23:27:50 +0000
To: public-webauthn@w3.org
Message-ID: <push-31728d316647d93fe26922115a41e982be5abb1d-1510442868-sysbot+gh@w3.org>

The following commits were just pushed by balfanz to https://github.com/w3c/webauthn:

* Give authData and attestationData fields formal names

As suggested in #233.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/9a1c34f0c5fd1b65338e081553f914b2da52ac85

* Add reference to credentialPublicKey
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/6820c710f2872d4604fd0def62ec5bbc1674286b

* Rename attestation data to attested credential data

As suggested in #393.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/2de6bfbb93a35216667efff9a7f6755de2c10b5a

* Update Figure 1 to agree with 2de6bfb
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/7162ea1ac3b88585a29f87951641f15e98acd329

* Remove errant reference to [=attested credential data=]
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/151504eac4b3196e9d24b395af53ae9fcf679905

* Merge branch 'master' into issue-393
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/ab7f16fdfcf1d2ed2eb74df70be2a6597177e644

* Merge branch 'master' into issue-393
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/e8e993ec0b0f03418661e2b8c565dc3e27caba95

* Merge branch 'master' into issue-393
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/042726c60a943fc391527cec202216bd07bd8666

* Name the parameters and variables in authenticatorMakeCredential.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/c4b96d2114d6f6f18fc04f90961dbcd4b8164696

* Link "item" and use tuple rather than pair syntax for keys.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/c514c5af0539c6b847abf0051c0932d8b049370a

* Improve the counter wording.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/29c00ca8a90ec4abc4547663df7bb13af6a394fe

* Merge branch 'master' into issue-393
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/98549bde4320f311772c1fcaf42d7963f67b37dc

* Link attestation statement and -format in §6.1 step 10

As discussed in #561
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/490eeaf49490456b93755a0c82ac0e7811574f2c

* Add a Relying Party conformance class. (#604)

* Add a Relying Party conformance class.

Fixes #88.

* Link "Relying Party".
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/527aaf67e45838baba4d325cf1267504717fc8fc

* Fix merge conflicts
  by J.C. Jones
https://github.com/w3c/webauthn/commit/ea38238bd75789a894ef7ab52abefeb8d5514c0c

* Merge remote-tracking branch 'origin/master' into jyasskin-name-authenticator-params
  by J.C. Jones
https://github.com/w3c/webauthn/commit/7fde1b973f3bcc17bca2ca30e92365d6cf1a0da7

* Merge branch 'jyasskin-name-authenticator-params'
  by J.C. Jones
https://github.com/w3c/webauthn/commit/f6c9ed6d04ae0d695a6bf2659c214404ef3b5e6f

* Fix User.ID example

Make User.ID binary in example 2 in section 11. Closes #598
  by Christiaan Brand
https://github.com/w3c/webauthn/commit/95fd62a3844a95c6cd9065fee90d73e60583f3fc

* Fix #551 - Define a Store method for PublicKeyCredential.

The Store operation isn't defined for PublicKeyCredential, even though it
is inherited from Credential Management. This defines that operation as
always resolving with an error.
  by J.C. Jones
https://github.com/w3c/webauthn/commit/b7613fa71c23d7f52bad394a2d4e8087f1e10453

* Merge pull request #631 from jcjones/551-store

Fix #551 - Define a Store method for PublicKeyCredential.
  by J.C. Jones
https://github.com/w3c/webauthn/commit/fff646941a6b79ced149e1d42bc2f0c4a6f9752e

* Merge pull request #635 from emlun/issue-561

Link attestation statement and -format in §6.1 step 10
  by J.C. Jones
https://github.com/w3c/webauthn/commit/06d5468e5b70ff5476e87188941e87d0cec67c20

* Rewrite the "make an assertion" introduction to clarify how get() works. (#611)

* Rewrite the "make an assertion" introduction to clarify how get() works.

Fixes #566.

* Fix equalsJeffH's comments.

* Clarify the "user may decline" sentence per equalsJeffH.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/97e8af01a1115f589ec21272e258a7b338b09f6a

* update CTAP ref with correct authors and URL (#638)
  by =JeffH
https://github.com/w3c/webauthn/commit/f94ed9180b06571bc0af59d605f56fa520072edf

* Name the parameters and variables in authenticatorGetAssertion.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/9a542186a04aab5ff2552647e394316d33e6f9fa

* s/ID/credential ID/
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/6594dc74bcd89bcfd218d307e054f0fbac3c6112

* Merge pull request #637 from w3c/christiaanbrand-patch-1

Fix User.ID example
  by J.C. Jones
https://github.com/w3c/webauthn/commit/641949fd27a21a929fd17f2d3b95be1006120110

* Merge branch 'master' into issue-393
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/fc94c52a158c5469ea2fcb95e754df4b8508d8f0

* Fix grammar in description of attested credential data length
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1308537fa012d22c872bbab10ba06a811ade6959

* Update to newest bikeshed state
  by J.C. Jones
https://github.com/w3c/webauthn/commit/1b4c2449d471358600fb1b61a73e523e927c475f

* Also update bikshed-include to fix the double-Abstract problem
  by J.C. Jones
https://github.com/w3c/webauthn/commit/6563f2209fba7bfd695080f15800ca9220374b0e

* Link "extension identifier" as requested in #602

https://github.com/w3c/webauthn/pull/602#discussion_r144167932
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/4bb24bfe5ddfd676eafd408efb32f9078ec4733a

* Merge pull request #614 from emlun/issue-393

Fix #393: Rename attestation data to attested credential data
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/408ef307c90c3f80f7c06405b73225924bb7c2e5

* Fix #569 - Add Exposed to all WebIDL interfaces
  by J.C. Jones
https://github.com/w3c/webauthn/commit/a7482798404193a96058f63aabb376b95bf1aad0

* Remove attributes from partial interface definition
  by J.C. Jones
https://github.com/w3c/webauthn/commit/ee174c2aa78b77ffb8de5b9d758333dcc6bb9493

* Only exclude CredIDs matching the RPID

Only credentials in the exclude credentials list that match this RPID should result in a not allowed error.
  by Johan Verrept
https://github.com/w3c/webauthn/commit/d879b79a8c3e7a73d134d63fc84db9948c278a7b

* Fix #561
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b9575efdfd8952ca6e44cc1b733df2f870891d71

* Merge pull request #652 from w3c/issue-561

Fix #561
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/bf41e8ed5cf0e0fe7a2696e6bd82bffac39e767a

* Fix #624 - Change PublicKeyCredential.clientExtensionResults to an operation

The attribute `clientExtensionResults` is a typedef of `record<DOMString, any>`.
The WebIDL spec says "Records must not be used as the type of an attribute
or constant", so this is not legal.

This commit changes the attribute `clientExtensionResults` into an operation
`getClientExtensionResults()`.
  by J.C. Jones
https://github.com/w3c/webauthn/commit/b8c60278ad53479d03a2247e1360c33869f58e92

* fixup algs contd 3 (#498)

* do not call authenticatorMakeCredential() with separate |rpId| fixes #466

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* fixup global object reference per domenic, improves #472

* indent 4.1.4 step 18et al to clarify relation to prior step

* fix line indent

* do not call authenticatorMakeCredential() with separate |rpId| fixes #466

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* fixup global object reference per domenic, improves #472

* indent 4.1.4 step 18et al to clarify relation to prior step

* fix line indent

* post rebase-on-master, fix dangling MakeCredentialOptions

* fix error in resolving rebase conflicts

* further rebase conflict resolution error fixups

* convert switch steps to colon-denotation

* tag 'while'

* primary changes for improving #472 mostly complete

* further issue #472 cleanups

* del 'cancel the timer' from #creatCredential fixes #535

* polish constructResultantCredentialCallback method description

* incorp comments from mikewest at webappsec-credential-management/pull/100

* rebased onto master

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* fixup global object reference per domenic, improves #472

* indent 4.1.4 step 18et al to clarify relation to prior step

* fix line indent

* do not call authenticatorMakeCredential() with separate |rpId| fixes #466

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* post rebase-on-master, fix dangling MakeCredentialOptions

* fix error in resolving rebase conflicts

* convert switch steps to colon-denotation

* tag 'while'

* primary changes for improving #472 mostly complete

* further issue #472 cleanups

* polish constructResultantCredentialCallback method description

* incorp comments from mikewest at webappsec-credential-management/pull/100

* fix indents make BS happy, add some periods

* fix code tags placement

* correct bugs in prior merge conflict resolution, doh

* rm 'the bytes of'

* add missing @@EDITOR-ANCHOR-01A

* auto-number some steps

* re- fix #466 (due to merge-from-master), fix #536

* eliminate callback and just return an algorithm from #createCredential

* continue fix conflicts from merge from master

* fix a couple of issue #466 stragglers in #op-make-cred

* revert to prior AuthenticationExtensions language per jyasskin

* add inline spec issue pointing to issue #657

* minor cleanups, remove issue wrt not explicitly returning |credentialCreationData|

* fix annoying bikeshed warning wrt 'rpEntity'

* correctly fix warning as well as other incorrect markup
  by =JeffH
https://github.com/w3c/webauthn/commit/f1f54951d5e5bffc54bbaf971ef72f091c9cde74

* clarified the ECDAA signing procedure. Close #591 (#641)

* clarified the ECDAA signing procedure. Close #591

* fix indent error

* fix line-indentation make BS happy
  by Rolf Lindemann
https://github.com/w3c/webauthn/commit/01aa320dfad02e768dbfdb2071191cce3e6e18d8

* Fix #574 - Change language for Create and Get to support hotplugging

This is an incomplete fix; a full fix is intended to be handled in Issue #613.

This reorders the Create and Get operations to indicate that the algorithms for
interacting with devices should be applied as devices are hotplugged / arrive.
It does not specify what happens when devices are removed, nor does it use
precise language. I'm not sure what language would be appropriate in this world,
so this patch is just to make things "better" not "correct".

Resolve @equalsJeffH's comments:

1. Define |lifetimeTimer| and make it available to the line that starts the
   hotplugging
2. Use the |lifetimeTimer| for references later in those algorithms to reduce
   confusion
3. Reword the Notes
4. Change the Notes to Issues
  by J.C. Jones
https://github.com/w3c/webauthn/commit/6e0716f1f38c7a89b4bc8d1539d215e43b6a6bf0

* Address @AngeloKai's comments
  by J.C. Jones
https://github.com/w3c/webauthn/commit/7bc3a3e7bb24fbb9c3def88ffd956f47a78226c0

* Address @AngeloKai's comments about lifetimeTimer
  by J.C. Jones
https://github.com/w3c/webauthn/commit/df88d55d3c4d6133c744eaa4cab25a59571ecb84

* Last minute nitfixes
  by J.C. Jones
https://github.com/w3c/webauthn/commit/83da7ff458cff646e9f8773a90a8f767b9c3f36d

* Merge pull request #655 from jcjones/574-hotplugging

Fix #574 - Change language for Create and Get to support hotplugging
  by J.C. Jones
https://github.com/w3c/webauthn/commit/579f6cfe6247606ca7e1ffb455ad9964a4ee9c80

* Change |rpId| to rpEntity.id
  by Johan Verrept
https://github.com/w3c/webauthn/commit/be4c139c8bdf0bc1fab835d63194fcf8b527b814

* Fix #560: ensure #registering-a-new-credential step 10 and the inputs to all attStmt types' verification procedures match (#639)

* Fix #560

* Address review comments

* Link [=authenticator data=] in <dfn>auth...data claimed...attestation</dfn>

* Define attestation trust path
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/e9a9c33d30505f9ab9860a3f292cd1283fb97f80

* Fix getAssertion too.
  by Johan Verrept
https://github.com/w3c/webauthn/commit/4794adbb4ad20e4c0543ad7fb203149c0ce5fda9

* In  this case it is |rpId|
  by Johan Verrept
https://github.com/w3c/webauthn/commit/a242e6a93c6874741385db1943c5e5cef82a9264

* fix #657: where does return value of PublicKeyCredential.getClientExtensionResults() come from?
  by JeffH
https://github.com/w3c/webauthn/commit/5c8dc4923ec502bc43bc3fff4f47070e1d5c26d9

* grammar fix
  by JeffH
https://github.com/w3c/webauthn/commit/5ea8a285b1af248c275a3dd0d471469fbfe32571

* Merge pull request #662 from w3c/jeffh-fixup-algs-contd-5

fix #657: where does return value of PublicKeyCredential.getClientExtensionResults() come from?
  by J.C. Jones
https://github.com/w3c/webauthn/commit/bcb5c110968ae4d3c410a62440b254bf161fd121

* Improved language.
  by Johan Verrept
https://github.com/w3c/webauthn/commit/af041112f1644967731fc340c0ac1bee74e2cea9

* Fix up makeCredential with the same fixes.

Also added a reference to the list item back in the correct place.
  by Johan Verrept
https://github.com/w3c/webauthn/commit/558c01377e5e1cc386fa9cf4c335af528ff7bc04

* Update index.bs
  by Johan Verrept
https://github.com/w3c/webauthn/commit/e051327afd111b69bfd741942b24a139efbe7ebe

* Fix indent.
  by Johan Verrept
https://github.com/w3c/webauthn/commit/6e5f27fb19aebd99583c77c8f4ceb70b8bba54ff

* Define Public Key Credential Source and Credential ID. (#620)

This also redefines "Public Key Credential" to cover private keys, public keys, and assertions, as a willful violation of RFC4949.

Credential ID is defined to explicitly include the possibility that it's the encrypted Credential Source.
  by Jeffrey Yasskin
https://github.com/w3c/webauthn/commit/c647b7099dfc78dcab15998783971efa1ea67987

* Sensible limits for RP and User Entity fields. (#667)
  by Akshay Kumar
https://github.com/w3c/webauthn/commit/0418f3eeb054b57bc541bbf57f689959ae154cd3

* Make PublicKeyCredentialEntity hierarchy required members required in IDL

This resolves #587.

Summary:

- Make member `PublicKeyCredentialEntity.name` required
- Make member `PublicKeyCredentialUserEntity.id` required
- Make member `PublicKeyCredentialUserEntity.displayName` required
- Remove algorithm step from _§5.1.3 Create a new credential_ that
  instructed to throw an exception if any of the above members were
  missing
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/9f5df060fc78da739e408e4aff2e7edd165e6fe3

* Merge pull request #651 from jovasco/patch-1

Only exclude CredIDs matching the RPID
  by J.C. Jones
https://github.com/w3c/webauthn/commit/625bd7acf014bb1664d2b8852883d83dba96b944

* Merge pull request #669 from w3c/issue-587

Fix #587: Make PublicKeyCredentialEntity members required in IDL
  by J.C. Jones
https://github.com/w3c/webauthn/commit/7153b55e8cd8e1bad5b5f57ee1eb7da158695361

* Make create() and get() abortable  (#544)

* do not call authenticatorMakeCredential() with separate |rpId| fixes #466

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* fixup global object reference per domenic, improves #472

* indent 4.1.4 step 18et al to clarify relation to prior step

* fix line indent

* do not call authenticatorMakeCredential() with separate |rpId| fixes #466

* credID returned by authnrGetAssn() is optional if allowCreds has exactly 1 member fixes #472

* fixup global object reference per domenic, improves #472

* indent 4.1.4 step 18et al to clarify relation to prior step

* fix line indent

* post rebase-on-master, fix dangling MakeCredentialOptions

* fix error in resolving rebase conflicts

* further rebase conflict resolution error fixups

* convert switch steps to colon-denotation

* tag 'while'

* primary changes for improving #472 mostly complete

* further issue #472 cleanups

* del 'cancel the timer' from #creatCredential fixes #535

* polish constructResultantCredentialCallback method description

* marked authenticator model section as non-normative

* marked relying party operation section as non-normative

* fix proper subset tweak

* Added abort signal object and steps to webauthn

* fixed a minor issue with linking

* add minor edits to focus on the main things

* getting the blank line correct

* Added a example section to explain how abort should be used

* fix up example

* committing before computer dies

* updated grammars of the example based on feedback

* update example text

* Updated with the section on switching tab; complete the PR

* minor tweak

* finished polishing the spec

* whoops one leftover

* finally figured out how to remove last two linking errors

* take out abortsignal from extension; edit promise rejection
  by Angelo Liao
https://github.com/w3c/webauthn/commit/931b46eece69f5d780ce4b317e3a377a3a67f85c

* fix #254: credman alignment: update #getAssertion section a la PR #498 (#665)

* actually improve #254, and fix #661

* DiscoFrmExtSource(options) -> (origin, options)

* make [[DiscoFrmExtSource]]'s exposition match [[Create]]'s

* deal with yet another fix #254 straggler in [[Create]]

* get rid of |global| in [[DiscoFrmExtSource]]

* remove 'in parallel' and 'global' stuff from #discover-from-external-source alg

* work on #discover-from-external-source alg to improve #254

* finish (one hopes) work on #discover-from-external-source alg to fix #254

* minor editorial

* repair #createCredential intro parag, improves issue #671

* complete fix #671
  by =JeffH
https://github.com/w3c/webauthn/commit/d468a75b6a723867d24add0bd01bd7225acbcdbf

* Modify SafetyNet descriptive text (#643)

* Update index.bs

Biometric Selection Criteria extension

* Update index.bs

* Update index.bs

* Update index.bs

* Update index.bs
  by gmandyam
https://github.com/w3c/webauthn/commit/0e93926d7c77afd07e75002880f15b53e5137bf2

* replaced authenticatio key by credential private key. Close #590
  by rlin1
https://github.com/w3c/webauthn/commit/63564a4ff5261dcd7f1e2e626ce81b7b96ebeb2f

* use the registered ext ids in examples
  by rlin1
https://github.com/w3c/webauthn/commit/40875f1e798bac1cd7f6393c16da39d671e32ebb

* Merge pull request #676 from w3c/fix-590

replaced authentication key by credential private key. Close #590
  by J.C. Jones
https://github.com/w3c/webauthn/commit/cffd22fddf9aec528e30a03548b55146bac13efd

* Updated authnr def (#678)

* updated the definition of authenticator

* updated according to comment
  by Rolf Lindemann
https://github.com/w3c/webauthn/commit/1194ce5b3204240561e0e075342d3ea303c40d4c

* Clarify semantics of isPlatformAuthenticatorAvailable

This closes #627.
  by balfanz
https://github.com/w3c/webauthn/commit/474d0254a0d1db20d77da89b10a5c124148b75d3

* changing name of method

changing name of method to isUserVerifyingPlatformAuthenticatorAvailable
  by balfanz
https://github.com/w3c/webauthn/commit/25a35a9229825dec100e9e65dcf3647c24d6001c

* adding references

Added references to the definition of user verification.
  by balfanz
https://github.com/w3c/webauthn/commit/1dd484021d437d9046b1b65e90c8b0880a5f6606

* Merge pull request #680 from w3c/balfanz-patch-5

Clarify semantics of isPlatformAuthenticatorAvailable
  by balfanz
https://github.com/w3c/webauthn/commit/66c2ec950171b2d47d32ca5025d681e710f6e139

* Fix attestation types supported for each format
  by J.C. Jones
https://github.com/w3c/webauthn/commit/5f4f3e64ae77843d50f85b2f5b632a47f0088c00

* Merge pull request #677 from w3c/consistent-extension-ids-588

use the registered ext ids in examples
  by J.C. Jones
https://github.com/w3c/webauthn/commit/52f3d9ed3c63746728b3c73b72ab7f9899253fbe

* Fix uvm 368 (#675)

* fix copy and paste error

* improve wording
  by Rolf Lindemann
https://github.com/w3c/webauthn/commit/31ddb22449a62bcb05b901234fb29a80281953a6

* Adding a type field to CollectedClientData
  by balfanz
https://github.com/w3c/webauthn/commit/fa787d0238cb97a1535219b2a77d5361f116522d

* adding RP processing rules.
  by balfanz
https://github.com/w3c/webauthn/commit/fda86222f8fb5b2f879bbdb2b9f093299dd42241

* Added explanation...

...as to what this new field is for.
  by balfanz
https://github.com/w3c/webauthn/commit/59683f65dbd7c89234d858d6eef5d598f76e9c23

* Merge pull request #682 from w3c/balfanz-patch-5

Adding a type field to CollectedClientData
  by balfanz
https://github.com/w3c/webauthn/commit/cd591289dfaa8bde2ef729321c5fe9ae943cdc2a

* Nit: "set" -> "pair"
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/641eed3514e210e2ead67a26c6ed3ef259f5383f

* Merge pull request #684 from emlun/nit0

Tiny nit: "pair of cryptographic keys" instead of "set of cryptographic keys"
  by J.C. Jones
https://github.com/w3c/webauthn/commit/e09e0c3d05803018eb6f8841a16a9e436433d3cc

* Merge branch 'master' into balfanz-patch-4
  by balfanz
https://github.com/w3c/webauthn/commit/31728d316647d93fe26922115a41e982be5abb1d
Received on Saturday, 11 November 2017 23:27:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:43 UTC