W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

[w3c/webauthn] ac8908: Plumb User ID through

From: GitHub <noreply@github.com>
Date: Wed, 11 Oct 2017 10:50:41 -0700
To: public-webauthn@w3.org
Message-ID: <59de59f11bfb0_18dd3fbb3449bc349239b@hookshot-fe5-cp1-prd.iad.github.net.mail>
  Branch: refs/heads/sign-counter-alg-507
  Home:   https://github.com/w3c/webauthn
  Commit: ac89087f42ac3875f5dde3d581c1c85bc830609c
      https://github.com/w3c/webauthn/commit/ac89087f42ac3875f5dde3d581c1c85bc830609c
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Plumb User ID through

We need to plumb the custom user id that the RP gave the authenticator during MakeCredential back through to the RP when doing getAssertion.


  Commit: 3e0d2915aab90bccbd7d8ae89aa484db4fb712e8
      https://github.com/w3c/webauthn/commit/3e0d2915aab90bccbd7d8ae89aa484db4fb712e8
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: c96b64bee7bbd918317d5a6b3865fc8f10f280d4
      https://github.com/w3c/webauthn/commit/c96b64bee7bbd918317d5a6b3865fc8f10f280d4
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: f6499b2a7f85b2f2d3a14efda265f2fb75f94bf0
      https://github.com/w3c/webauthn/commit/f6499b2a7f85b2f2d3a14efda265f2fb75f94bf0
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: 0ce6b12b54d40a34c1ea535d2c59555677921b18
      https://github.com/w3c/webauthn/commit/0ce6b12b54d40a34c1ea535d2c59555677921b18
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: 92f4b3218a8aa711e39a4385e87d48c3bf25618c
      https://github.com/w3c/webauthn/commit/92f4b3218a8aa711e39a4385e87d48c3bf25618c
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-08 (Fri, 08 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: eb401b78e218af43715e426ea1825fc14966113d
      https://github.com/w3c/webauthn/commit/eb401b78e218af43715e426ea1825fc14966113d
  Author: Alexei Czeskis <alexei@czeskis.com>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Remove user agent getting user consent sentence (#553)

Closes #552


  Commit: dcf793928221b1883f4c9ac4dd5264b570606e52
      https://github.com/w3c/webauthn/commit/dcf793928221b1883f4c9ac4dd5264b570606e52
  Author: balfanz <dirk@balfanz.net>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  using descriptive names for authenticator selection criteria (#555)

Since we don't directly send the values of the AuthenticatorSelectionCriteria dictionary keys over the wire, it's ok to leave these values in a human-readable form.


  Commit: 5e2f228d76005a767f2c4e94f1af6b8c2c7d717d
      https://github.com/w3c/webauthn/commit/5e2f228d76005a767f2c4e94f1af6b8c2c7d717d
  Author: Alexei Czeskis <alexei@czeskis.com>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: db1be8059b02cb8981fbe0229f6d1eebaedb9505
      https://github.com/w3c/webauthn/commit/db1be8059b02cb8981fbe0229f6d1eebaedb9505
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix Android attestation (#546)

* Fix Android attestation

Android attestation had a circular dependency on the public key: The authenticatorData has a public key that was originally intended to be stuck in the ChallengeData for generating a new keypair. When calling this function the public key isn't available to us yet. We have made a change to bring this in line with other attestation formats (ie. packed attestation).

* Update index.bs

* Update index.bs


  Commit: 25dfc77228d74440711ff36ff72b81ba77e40669
      https://github.com/w3c/webauthn/commit/25dfc77228d74440711ff36ff72b81ba77e40669
  Author: Alexei Czeskis <alexei@czeskis.com>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: f6f85172b064d72ca036fede2ff67188ac888a76
      https://github.com/w3c/webauthn/commit/f6f85172b064d72ca036fede2ff67188ac888a76
  Author: Alexei Czeskis <alexei@czeskis.com>
  Date:   2017-09-13 (Wed, 13 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update index.bs


  Commit: 6e45cc14c885fa3196519484ee6a08a419a31576
      https://github.com/w3c/webauthn/commit/6e45cc14c885fa3196519484ee6a08a419a31576
  Author: christiaanbrand <christiaan@entersekt.com>
  Date:   2017-09-18 (Mon, 18 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify Safetynet attestation return value

Clarify the encoding of SafetyNet attestation as a UTF8 encoded string. Closes #563


  Commit: 5502d42d31d1aa5b6bc79f686cfecf0c6dbf04f5
      https://github.com/w3c/webauthn/commit/5502d42d31d1aa5b6bc79f686cfecf0c6dbf04f5
  Author: balfanz <dirk@balfanz.net>
  Date:   2017-09-18 (Mon, 18 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarifying signing procedure for U2F attestation

This closes #530


  Commit: f37cfc5dfd074832ab61ed299d1ee7d2a6f5c724
      https://github.com/w3c/webauthn/commit/f37cfc5dfd074832ab61ed299d1ee7d2a6f5c724
  Author: Angelo Liao <huliao@microsoft.com>
  Date:   2017-09-20 (Wed, 20 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Address security and privacy issues witht the iconURL (#545)

* fix proper subset tweak

* added a priori constraint on iconURL per credman spec

* reference the CR version of Mixed Content instead of editors draft


  Commit: 67e922c011aeb2668fd7adfaf75d7f3b7a28cb6c
      https://github.com/w3c/webauthn/commit/67e922c011aeb2668fd7adfaf75d7f3b7a28cb6c
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-22 (Fri, 22 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify excludeCredentialDescriptorList (#573)

Add more clarity around the use of excludeCredentialDescriptorList. Closes #567.


  Commit: ee912eeef7cccfb95197938253c956619bb3a8ca
      https://github.com/w3c/webauthn/commit/ee912eeef7cccfb95197938253c956619bb3a8ca
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-23 (Sat, 23 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix reference to UTF8


  Commit: 3e86e705a5ad41f163df76649370e13c5045fb73
      https://github.com/w3c/webauthn/commit/3e86e705a5ad41f163df76649370e13c5045fb73
  Author: J.C. Jones <jc@mozilla.com>
  Date:   2017-09-25 (Mon, 25 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix #577 - CDDL for attStmtTemplate is ambiguous

There are multiple definitions of `attStmtType`; the template defines it
to be `bytes`, while each concrete instance of the template defines it
as a map. This clarifies that it is always a map, since the ".within" control
operator for CDDL defines that the socket `$$attStmtType` to be the superset of
`attStmtTemplate`. [1]

[1] https://tools.ietf.org/html/draft-ietf-cbor-cddl-00#section-3.8.5


  Commit: 4aa72b65ac0a05e8e21ed64d34249a3eae916eed
      https://github.com/w3c/webauthn/commit/4aa72b65ac0a05e8e21ed64d34249a3eae916eed
  Author: James Barclay <futureimperfect@users.noreply.github.com>
  Date:   2017-09-27 (Wed, 27 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix syntax errors in JavaScript examples.


  Commit: 2ec526743c1fe42ea602fa31d47eed9800a0daf9
      https://github.com/w3c/webauthn/commit/2ec526743c1fe42ea602fa31d47eed9800a0daf9
  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clean up COSEAlgorithmIdentifier loose ends (#580)

Clean up COSEAlgorithmIdentifier loose ends


  Commit: 26552c41d086f46be877018dc2c8b059178ccaec
      https://github.com/w3c/webauthn/commit/26552c41d086f46be877018dc2c8b059178ccaec
  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Make user.id a byte array (#586)

Make user.id a byte array


  Commit: 0141d97cd79d1bf869b47eb72d4552b729a0ec5c
      https://github.com/w3c/webauthn/commit/0141d97cd79d1bf869b47eb72d4552b729a0ec5c
  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Corrected inaccuracy in authenticator extension processing description


  Commit: 96b9a982b235144816abaaa6517d364eef8dd824
      https://github.com/w3c/webauthn/commit/96b9a982b235144816abaaa6517d364eef8dd824
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #571 from w3c/balfanz-patch-2

Clarifying signing procedure for U2F attestation


  Commit: 6589a1013cd776da57d704eb8508fcd53fa6cc88
      https://github.com/w3c/webauthn/commit/6589a1013cd776da57d704eb8508fcd53fa6cc88
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #572 from christiaanbrand/patch-4

Clarify Safetynet attestation return value


  Commit: d96d7668a53bfc463968bedc9d9b95cd64add262
      https://github.com/w3c/webauthn/commit/d96d7668a53bfc463968bedc9d9b95cd64add262
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #595 from futureimperfect/master

Fix syntax errors in JavaScript examples.


  Commit: 3ee8ed586c2ce62f7a4180cb9dcf0d8d8e5f87cc
      https://github.com/w3c/webauthn/commit/3ee8ed586c2ce62f7a4180cb9dcf0d8d8e5f87cc
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-09-28 (Thu, 28 Sep 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #596 from selfissued/mbj-extension-description-tweak

Corrected inaccuracy in authenticator extension processing description


  Commit: e63537fcc62af6f0f9768d0e992bf0627b8f6f7b
      https://github.com/w3c/webauthn/commit/e63537fcc62af6f0f9768d0e992bf0627b8f6f7b
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-10-02 (Mon, 02 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Change user id to user handle


  Commit: 17539f571cff60af8bbe236f958aa023d917fd45
      https://github.com/w3c/webauthn/commit/17539f571cff60af8bbe236f958aa023d917fd45
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2017-10-03 (Tue, 03 Oct 2017)

  Changed paths:
    M .gitignore
    M README.md
    A vagrant/bikeshed/README.md
    A vagrant/bikeshed/Vagrantfile
    A vagrant/bikeshed/provision.sh

  Log Message:
  -----------
  Add Vagrantfile for a VM with bikeshed installed


  Commit: 23b91fbb455dd3cc84e071c0dab50a3570beea79
      https://github.com/w3c/webauthn/commit/23b91fbb455dd3cc84e071c0dab50a3570beea79
  Author: Christiaan Brand <christiaan@entersekt.com>
  Date:   2017-10-04 (Wed, 04 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #558 from christiaanbrand/patch-2

Plumb User ID through


  Commit: 1f0d783dbc9c459098d50da551c4cfbf5ff8d02b
      https://github.com/w3c/webauthn/commit/1f0d783dbc9c459098d50da551c4cfbf5ff8d02b
  Author: rlin1 <rolf@noknok.com>
  Date:   2017-10-04 (Wed, 04 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge branch 'master' into sign-counter-alg-507


  Commit: 5630b47a7d08b291607ed1c4215afea4c0091fed
      https://github.com/w3c/webauthn/commit/5630b47a7d08b291607ed1c4215afea4c0091fed
  Author: J.C. Jones <jc@mozilla.com>
  Date:   2017-10-04 (Wed, 04 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Updates per jyasskin review, referencing CDDL 3.5.1

https://tools.ietf.org/html/draft-ietf-cbor-cddl-00#page-18


  Commit: 0cae38154c59cf4760e7dfed00f2c44e298f8c9f
      https://github.com/w3c/webauthn/commit/0cae38154c59cf4760e7dfed00f2c44e298f8c9f
  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2017-10-04 (Wed, 04 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #581 from jcjones/577-cddl_attStmt_type

Fix #577 - CDDL for attStmtTemplate is ambiguous


  Commit: 089c10e16bdcda0bd75db1d7f1d6a2be21304e08
      https://github.com/w3c/webauthn/commit/089c10e16bdcda0bd75db1d7f1d6a2be21304e08
  Author: Jeffrey Yasskin <jyasskin@chromium.org>
  Date:   2017-10-05 (Thu, 05 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Number the steps in the authenticator operations.


  Commit: 670ecb37e810efaa527f2068685315e32204912b
      https://github.com/w3c/webauthn/commit/670ecb37e810efaa527f2068685315e32204912b
  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2017-10-09 (Mon, 09 Oct 2017)

  Changed paths:
    M .gitignore
    M README.md
    A vagrant/bikeshed/README.md
    A vagrant/bikeshed/Vagrantfile
    A vagrant/bikeshed/provision.sh

  Log Message:
  -----------
  Merge pull request #612 from emlun/vagrant-bikeshed

Tools: Add Vagrantfile for a VM with bikeshed installed


  Commit: e74d8c4da2813559086fa32a28bdc6c576d54c1f
      https://github.com/w3c/webauthn/commit/e74d8c4da2813559086fa32a28bdc6c576d54c1f
  Author: Emil Lundberg <lundberg.emil@gmail.com>
  Date:   2017-10-10 (Tue, 10 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix #609: Formally define User Handle (#616)

- Formally define User Handle
- Rename "user id" and similar terms to "user handle" everywhere
- Change name and type of `AuthenticatorAssertionResponse` field `DOMString userId` to `ArrayBuffer userHandle`
- `PublicKeyCredentialUserEntity.id` is not renamed, but it is now referred to as the "user handle"

This does not:

- Formally define the term "user account".
- Improve the privacy considerations around returning `userHandle`, as suggested in #578.


  Commit: 8b23fb85f33c03e0420fb8182d9d774012546fd9
      https://github.com/w3c/webauthn/commit/8b23fb85f33c03e0420fb8182d9d774012546fd9
  Author: Jeffrey Yasskin <jyasskin@gmail.com>
  Date:   2017-10-11 (Wed, 11 Oct 2017)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Rewrite Generating an Attestation Object as an algorithm. (#600)

This replaces the "first generate the authenticator data" step with an input
because that's how it's called.


  Commit: 6062acb510d4cfe1e3045a04bc100e95f95b27fa
      https://github.com/w3c/webauthn/commit/6062acb510d4cfe1e3045a04bc100e95f95b27fa
  Author: rlin1 <rolf@noknok.com>
  Date:   2017-10-11 (Wed, 11 Oct 2017)

  Changed paths:
    M .gitignore
    M README.md
    M index.bs
    A vagrant/bikeshed/README.md
    A vagrant/bikeshed/Vagrantfile
    A vagrant/bikeshed/provision.sh

  Log Message:
  -----------
  resolved auto-merge conflicts


Compare: https://github.com/w3c/webauthn/compare/4a376bf198f8...6062acb510d4
Received on Wednesday, 11 October 2017 17:51:06 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC