W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2017

RE: [webauthn] new commits pushed by leshi

From: Mike Jones <Michael.Jones@microsoft.com>
Date: Wed, 13 Sep 2017 20:48:44 +0000
To: Alexei Czeskis <aczeskis@google.com>
CC: Alexei Czeskis via GitHub <sysbot+gh@w3.org>, "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <CY4PR21MB050460ABBAF27BDE7ED67652F56E0@CY4PR21MB0504.namprd21.prod.outlook.com>
I just got onto a real computer and checked. These option names *are* passed as strings to authenticators. That’s why we choose the short names – with longer descriptive names in the text.

See line 306 of fido-client-to-aurhenticator-protocol.html (master as of 10am yesterday) to see where the string “rk” is used as a parameter.  “uv” is in line 312.

Again, please revert these name changes, as they introduce unnecessary inconsistencies and were apparently accepted on the false premise that the string values are not used in the protocol. They are used in the protocol.

– Mike

From: Mike Jones<mailto:Michael.Jones@microsoft.com>
Sent: Wednesday, September 13, 2017 1:28 PM
To: Alexei Czeskis<mailto:aczeskis@google.com>
Cc: Alexei Czeskis via GitHub<mailto:sysbot+gh@w3.org>; public-webauthn@w3.org<mailto:public-webauthn@w3.org>
Subject: RE: [webauthn] new commits pushed by leshi

I’m referring to using the new different long names in WebAuthn and the existing short names in CTAP when they refer to the same things.

From: Alexei Czeskis<mailto:aczeskis@google.com>
Sent: Wednesday, September 13, 2017 1:25 PM
To: Mike Jones<mailto:Michael.Jones@microsoft.com>
Cc: Alexei Czeskis via GitHub<mailto:sysbot+gh@w3.org>; public-webauthn@w3.org<mailto:public-webauthn@w3.org>
Subject: Re: [webauthn] new commits pushed by leshi

Yes, the PRs were reviewed in today's call.

> using different names for the same things in different places is a big step in the wrong direction.
Not sure what you're referring to here.  Commits vs PRs?


Thanks!
-Alexei


________________

            . Alexei Czeskis .:. Securineer .

On Wed, Sep 13, 2017 at 1:21 PM, Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>> wrote:
Were the PRs reviewed on today’s call? I still think that using different names for the same things in different places is a big step in the wrong direction.

From: Alexei Czeskis<mailto:aczeskis@google.com>
Sent: Wednesday, September 13, 2017 1:18 PM
To: Mike Jones<mailto:Michael.Jones@microsoft.com>
Cc: Alexei Czeskis via GitHub<mailto:sysbot+gh@w3.org>; public-webauthn@w3.org<mailto:public-webauthn@w3.org>
Subject: Re: [webauthn] new commits pushed by leshi

These were all merged into master as part of PRs, not directly.


Thanks!
-Alexei


________________

            . Alexei Czeskis .:. Securineer .

On Wed, Sep 13, 2017 at 1:14 PM, Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>> wrote:
s/our a lot of effort/put a lot of effort/

From: Mike Jones<mailto:Michael.Jones@microsoft.com>
Sent: Wednesday, September 13, 2017 1:07 PM
To: Alexei Czeskis via GitHub<mailto:sysbot+gh@w3.org>; public-webauthn@w3.org<mailto:public-webauthn@w3.org>
Subject: RE: [webauthn] new commits pushed by leshi


I'm looking at this from a phone and so may be confused, but it looks to me like these changes were pushed to master rather than put into a PR for review. If so, please revert these changes.



We have our a lot of effort into keeping the names in WebAuthn in sync with CTAP. This change is an unnecessary departure from this policy, which will confuse readers for no good reason.



From: Alexei Czeskis via GitHub<mailto:sysbot+gh@w3.org>
Sent: Wednesday, September 13, 2017 10:20 AM
To: public-webauthn@w3.org<mailto:public-webauthn@w3.org>
Subject: [webauthn] new commits pushed by leshi



The following commits were just pushed by leshi to https://github.com/w3c/webauthn:

* using descriptive names for authenticator selection criteria (#555)

Since we don't directly send the values of the AuthenticatorSelectionCriteria dictionary keys over the wire, it's ok to leave these values in a human-readable form.
  by balfanz
https://github.com/w3c/webauthn/commit/dcf793928221b1883f4c9ac4dd5264b570606e52
Received on Wednesday, 13 September 2017 20:49:10 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC