09/06/2017 W3C Web Authentication WG Meeting Agenda
09/13/2017 W3C Web Authentication WG Meeting Agenda
09/20/2017 W3C Web Authentication WG Meeting Agenca
@@EDITOR-ANCHOR in index.bs?
[w3c/webauthn]
[w3c/webauthn] 0141d9: Corrected inaccuracy in authenticator extension pr...
- GitHub (Thursday, 28 September)
[w3c/webauthn] 14adaa: Built by Travis-CI: eb401b78e218af43715e426ea1825f...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] 14c273: fix proper subset tweak (#542)
[w3c/webauthn] 1559de: Remove user agent getting user consent sentence
[w3c/webauthn] 1dce39: Built by Travis-CI: db1be8059b02cb8981fbe0229f6d1e...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] 1f096d: incorp comments from mikewest at webappsec-credent...
[w3c/webauthn] 20827e: typo
[w3c/webauthn] 2465b4: updating signcounter consideration according to su...
- GitHub (Wednesday, 13 September)
- GitHub (Tuesday, 12 September)
[w3c/webauthn] 26552c: Make user.id a byte array (#586)
- GitHub (Thursday, 28 September)
[w3c/webauthn] 27d71f: Built by Travis-CI: 6589a1013cd776da57d704eb8508fc...
- GitHub (Thursday, 28 September)
[w3c/webauthn] 2ec526: Clean up COSEAlgorithmIdentifier loose ends (#580)
- GitHub (Thursday, 28 September)
[w3c/webauthn] 42a7e6: Built by Travis-CI: d96d7668a53bfc463968bedc9d9b95...
- GitHub (Thursday, 28 September)
[w3c/webauthn] 467f31: Built by Travis-CI: 2ec526743c1fe42ea602fa31d47eed...
- GitHub (Thursday, 28 September)
[w3c/webauthn] 4a376b: removed signing procedure details and referred to ...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] 4aa72b: Fix syntax errors in JavaScript examples.
- GitHub (Thursday, 28 September)
[w3c/webauthn] 515acc: Built by Travis-CI: 14c2733ca6a4a9568e4c48fef1b870...
[w3c/webauthn] 5502d4: Clarifying signing procedure for U2F attestation
- GitHub (Thursday, 28 September)
- GitHub (Monday, 18 September)
[w3c/webauthn] 5e5060: Built by Travis-CI: 3ee8ed586c2ce62f7a4180cb9dcf0d...
- GitHub (Thursday, 28 September)
[w3c/webauthn] 67e922: Clarify excludeCredentialDescriptorList (#573)
[w3c/webauthn] 6e45cc: Clarify Safetynet attestation return value
- GitHub (Thursday, 28 September)
[w3c/webauthn] 757240: Built by Travis-CI: 67e922c011aeb2668fd7adfaf75d7f...
[w3c/webauthn] 7a8ad4: more corrections according to the comments in the ...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] 8e8219: Built by Travis-CI: f37cfc5dfd074832ab61ed299d1ee7...
- GitHub (Wednesday, 20 September)
[w3c/webauthn] 92b5bf: addressed second last comment
- GitHub (Wednesday, 13 September)
[w3c/webauthn] a1b998: fix indents make BS happy, add some periods
- GitHub (Saturday, 30 September)
[w3c/webauthn] a7dd80: Built by Travis-CI: 26552c41d086f46be877018dc2c8b0...
- GitHub (Thursday, 28 September)
[w3c/webauthn] ad54fb: correction: bikeshed still wants spaces - not tabs
[w3c/webauthn] bc8e9a: corrected phrase as indicated by equalsJeffH
[w3c/webauthn] d9d171: Built by Travis-CI: 96b9a982b235144816abaaa6517d36...
- GitHub (Thursday, 28 September)
[w3c/webauthn] db1be8: Fix Android attestation (#546)
- GitHub (Wednesday, 13 September)
[w3c/webauthn] dcf793: using descriptive names for authenticator selectio...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] df905a: using descriptive names for authenticator selectio...
[w3c/webauthn] eb401b: Remove user agent getting user consent sentence (#...
- GitHub (Wednesday, 13 September)
[w3c/webauthn] ee384b: added alternative: MSB to indicate signCounter sup...
- GitHub (Tuesday, 12 September)
[w3c/webauthn] f37cfc: Address security and privacy issues witht the icon...
- GitHub (Wednesday, 20 September)
[w3c/webauthn] f8943a: Built by Travis-CI: dcf793928221b1883f4c9ac4dd5264...
- GitHub (Wednesday, 13 September)
[webauthn] "Authenticator extension processing" is likely wrong
[webauthn] "might be present on this authenticator" could use a clearer definition
[webauthn] "WebAuthn Authenticator model" seemingly prohibits random AAGUIDs (minor)
[webauthn] #createCredential step 12 incorrectly refers to a timer
[webauthn] #registering-a-new-credential step 10 breakage
[webauthn] .store() is confusing
[webauthn] [PR 384] Does requireUserMediation() make sense after merge
[webauthn] Add [Exposed] to all interfaces
[webauthn] Add credential type uaf
[webauthn] Add uaf attestation format
[webauthn] address needs of various webauthn spec audiences
[webauthn] Address security and privacy issues witht the iconURL
[webauthn] An issue about setAttestationChallenge() in "android-key" attestation statement
[webauthn] Android SafetyNet Attestation lacks information on authenticator provenance
[webauthn] Authenticator selection extension - should makeCredential fail if no specified authenticator can be found?
[webauthn] Authenticator selection extension needs to define snapshotting behavior
[webauthn] authenticatorGetAssertion showing selection UI for external authenticators
[webauthn] authenticatorMakeCredential has an excludeCredentialDescriptorList parameter, but doesn't do anything with it
[webauthn] basicIntegrity in SafetyNet documentation not sufficiently defined
- John Bradley via GitHub (Friday, 8 September)
- Jeffrey Yasskin via GitHub (Friday, 8 September)
- gmandyam via GitHub (Thursday, 7 September)
- Mike Jones via GitHub (Thursday, 7 September)
- gmandyam via GitHub (Thursday, 7 September)
- gmandyam via GitHub (Thursday, 7 September)
- Mike Jones via GitHub (Thursday, 7 September)
- Anthony Nadalin via GitHub (Thursday, 7 September)
- gmandyam via GitHub (Thursday, 7 September)
- Anthony Nadalin via GitHub (Thursday, 7 September)
[webauthn] CDDL for attStmtType is confusing
[webauthn] change "credential public key" to "user public key"
[webauthn] Change user.id examples to binary encoding.
[webauthn] Clarify excludeCredentialDescriptorList
[webauthn] Clean up COSEAlgorithmIdentifier loose ends
[webauthn] Consider allowing authenticators to randomise signed hashes.
[webauthn] Consider dropping requirement for TUP on create()
- Akshay Kumar via GitHub (Tuesday, 19 September)
- christiaanbrand via GitHub (Monday, 18 September)
- Anthony Nadalin via GitHub (Friday, 15 September)
- balfanz via GitHub (Thursday, 14 September)
- Akshay Kumar via GitHub (Thursday, 14 September)
- Akshay Kumar via GitHub (Thursday, 14 September)
- balfanz via GitHub (Thursday, 14 September)
- Anthony Nadalin via GitHub (Thursday, 14 September)
- balfanz via GitHub (Thursday, 14 September)
- Anthony Nadalin via GitHub (Thursday, 14 September)
- balfanz via GitHub (Thursday, 14 September)
[webauthn] Consider requiring canonical CBOR throughout
[webauthn] Consider using USVString instead of DOMString sometimes
[webauthn] Correct uses of "JSON string" versus "DOMString" and other string terminology usage
[webauthn] Credential ID uniqueness expectations are inconsistent/vague
- Emil Lundberg via GitHub (Monday, 25 September)
- Johan Verrept via GitHub (Monday, 25 September)
- Christiaan Brand via GitHub (Monday, 25 September)
- Ki-Eun Shin via GitHub (Monday, 25 September)
- Emil Lundberg via GitHub (Monday, 25 September)
- Ki-Eun Shin via GitHub (Monday, 25 September)
- Emil Lundberg via GitHub (Sunday, 24 September)
- Johan Verrept via GitHub (Sunday, 24 September)
- John Bradley via GitHub (Friday, 22 September)
- Johan Verrept via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- Johan Verrept via GitHub (Friday, 22 September)
- Akshay Kumar via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
[webauthn] ctsprofilematch in SafetyNet documentation not sufficiently defined
[webauthn] Description of attestation signature generation for ECDAA needs to be fixed.
[webauthn] Display name content rules?
[webauthn] Drop UAF references in favor of better explanation
[webauthn] ensure #registering-a-new-credential step 10 and the inputs to all attStmt types' verification procedures match
[webauthn] Examples should include non-ASCII [editorial]
[webauthn] Extension identifiers in examples are inconsistent with registered identifiers
[webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with AAGUID
[webauthn] Fix Android attestation
[webauthn] Fix syntax errors in JavaScript examples.
[webauthn] fixup algs contd 3
[webauthn] How should the browser handle CredentialMediationRequirement for public key credentials?
[webauthn] imageURL privacy
[webauthn] impl guidelines for signature counter
[webauthn] Include Constants for COSE Algorithm Numbers
[webauthn] include public key in PublicKeyCredential
[webauthn] include public key in result from create()
- Angelo Liao via GitHub (Wednesday, 27 September)
- balfanz via GitHub (Wednesday, 27 September)
- Emil Lundberg via GitHub (Wednesday, 20 September)
- Akshay Kumar via GitHub (Tuesday, 19 September)
- balfanz via GitHub (Tuesday, 19 September)
- Jeffrey Yasskin via GitHub (Tuesday, 19 September)
- Emil Lundberg via GitHub (Tuesday, 19 September)
- balfanz via GitHub (Monday, 18 September)
- Anthony Nadalin via GitHub (Friday, 15 September)
- Angelo Liao via GitHub (Friday, 15 September)
- Emil Lundberg via GitHub (Friday, 15 September)
- Alexei Czeskis via GitHub (Thursday, 14 September)
- Angelo Liao via GitHub (Thursday, 14 September)
- Angelo Liao via GitHub (Thursday, 14 September)
- Ibrahim Damlaj via GitHub (Thursday, 14 September)
- Anthony Nadalin via GitHub (Wednesday, 13 September)
- Akshay Kumar via GitHub (Saturday, 9 September)
- balfanz via GitHub (Friday, 8 September)
[webauthn] Incorrect feedback link in 20160531 WD
[webauthn] incosistent concatenation symbols - notational conventions section?
[webauthn] isPlatformAuthenticatorAvailable() timeout really 10 minutes?
[webauthn] It would be nice if the definition of "Scoped Credential" said something about what `identifier` and `type` are
[webauthn] Key types and algorithms are confusing
[webauthn] keyType: "public-key" is superfluous
- Rolf Lindemann via GitHub (Wednesday, 20 September)
- balfanz via GitHub (Friday, 15 September)
- Alexei Czeskis via GitHub (Thursday, 14 September)
- Rolf Lindemann via GitHub (Thursday, 14 September)
- Alexei Czeskis via GitHub (Thursday, 14 September)
- Alexei Czeskis via GitHub (Thursday, 14 September)
- Rolf Lindemann via GitHub (Tuesday, 12 September)
- =JeffH via GitHub (Tuesday, 12 September)
- Anthony Nadalin via GitHub (Friday, 8 September)
- balfanz via GitHub (Friday, 8 September)
[webauthn] Make AuthenticatorSelectionCriteria more complete.
[webauthn] Make create() and get() abortable
[webauthn] Make packed attestation format Privacy CA-friendly
[webauthn] makeCredential should be more precise than NotAllowedError in its last step
[webauthn] Move {#sample-scenarios} (currently Section 10) to the top of the doc
[webauthn] musings wrt webauthn's profile of COSE_Key
[webauthn] Must returned extensions be mathematically proper subsets of requested extensions?
[webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
[webauthn] Need to fix android key attestation verification procedure
[webauthn] Need to remove the term "authentication key" in self attestation description
[webauthn] new commits pushed by AngeloKai
[webauthn] new commits pushed by balfanz
[webauthn] new commits pushed by christiaanbrand
[webauthn] new commits pushed by equalsJeffH
[webauthn] new commits pushed by leshi
- Alexei Czeskis (Wednesday, 13 September)
- Mike Jones (Wednesday, 13 September)
- Mike Jones (Wednesday, 13 September)
- Alexei Czeskis (Wednesday, 13 September)
- Mike Jones (Wednesday, 13 September)
- Alexei Czeskis (Wednesday, 13 September)
- Mike Jones (Wednesday, 13 September)
- Mike Jones (Wednesday, 13 September)
- Alexei Czeskis via GitHub (Wednesday, 13 September)
- Alexei Czeskis via GitHub (Wednesday, 13 September)
- Alexei Czeskis via GitHub (Wednesday, 13 September)
- Alexei Czeskis via GitHub (Friday, 8 September)
[webauthn] new commits pushed by rlin1
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Tuesday, 12 September)
- Rolf Lindemann via GitHub (Tuesday, 12 September)
- Rolf Lindemann via GitHub (Monday, 11 September)
- Rolf Lindemann via GitHub (Monday, 11 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
[webauthn] new commits pushed by selfissued
[webauthn] new commits pushed by WebAuthnBot
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Thursday, 28 September)
- WebAuthnBot via GitHub (Friday, 22 September)
- WebAuthnBot via GitHub (Wednesday, 20 September)
- WebAuthnBot via GitHub (Wednesday, 13 September)
- WebAuthnBot via GitHub (Wednesday, 13 September)
- WebAuthnBot via GitHub (Wednesday, 13 September)
- WebAuthnBot via GitHub (Friday, 1 September)
[webauthn] New research suggest using ED512 instead of ED256.
[webauthn] No description regarding representation of credential Id length
[webauthn] No way to select an intended authenticator during authentication with attachment info
[webauthn] Not clear what to do with cross platform authenticators during make-an-assertion step
[webauthn] Not clear what's executed in parallel in Section 4.1.3, Step 24.3
[webauthn] Not necessary to pass AuthenticatorSelectionCriteria members to authenticatorMakeCredential()
[webauthn] Nothing required in PublicKeyCredentialEntity
[webauthn] parameter lists in #createCredential and #op-make-cred do not match
[webauthn] Plumb User ID through
- Christiaan Brand via GitHub (Thursday, 28 September)
- Johan Verrept (Sunday, 24 September)
- Emil Lundberg via GitHub (Saturday, 23 September)
- Anthony Nadalin via GitHub (Friday, 22 September)
- Christiaan Brand via GitHub (Friday, 22 September)
- Christiaan Brand via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- John Bradley (Friday, 22 September)
- Akshay Kumar via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- Akshay Kumar via GitHub (Friday, 22 September)
- Akshay Kumar via GitHub (Friday, 22 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- Jakob Ehrensvärd (Thursday, 21 September)
- Alexei Czeskis via GitHub (Thursday, 21 September)
- Johan Verrept via GitHub (Thursday, 21 September)
- Christiaan Brand via GitHub (Wednesday, 20 September)
- Jeffrey Yasskin via GitHub (Wednesday, 20 September)
- Christiaan Brand via GitHub (Wednesday, 20 September)
- Jeffrey Yasskin via GitHub (Tuesday, 19 September)
- Emil Lundberg via GitHub (Tuesday, 19 September)
- christiaanbrand via GitHub (Monday, 18 September)
- Emil Lundberg via GitHub (Friday, 15 September)
- Alexei Czeskis via GitHub (Thursday, 14 September)
[webauthn] PR#498 fixup algs contd 3
[webauthn] preventSilentAccess() -- what effect does calling it have?
[webauthn] Privacy Considerations should describe risks of storing userID/displayName in "second-factor" authenticators
[webauthn] PublicKeyCredentialDescriptor.id and PublicKeyCredentialEntity.id type differ
- Ackermann Yuriy via GitHub (Friday, 8 September)
- Angelo Liao via GitHub (Friday, 8 September)
- Angelo Liao via GitHub (Friday, 8 September)
- Angelo Liao via GitHub (Friday, 8 September)
- Ackermann Yuriy via GitHub (Friday, 8 September)
- Angelo Liao via GitHub (Friday, 8 September)
- Ackermann Yuriy via GitHub (Friday, 8 September)
- Angelo Liao via GitHub (Thursday, 7 September)
- Angelo Liao via GitHub (Thursday, 7 September)
- Anthony Nadalin via GitHub (Thursday, 7 September)
[webauthn] RawId vs Id is confusing
[webauthn] Refine meaning of PublicKeyCredentialType to be "signature & assertion format (and version thereof)"
[webauthn] Remove "proper subset" from extension algorithm
[webauthn] remove "required" on ScopedCredentialDescriptor.id
[webauthn] Remove user agent getting user consent sentence
[webauthn] rename "attestation data" to be "attested credential"
[webauthn] Replace Authenticator Model with CTAP
[webauthn] Restore identifier alignment with CTAP and WD-06
[webauthn] restrict WebAuthentication API to only top level browsing context
[webauthn] RP guidelines should allow RP to not check attestation
[webauthn] Safetynet attestation does not return byte array as a response.
[webauthn] should authenticatorExtensions really be a dictionary?
[webauthn] Sign counter alg 507
- Akshay Kumar via GitHub (Friday, 22 September)
- Anthony Nadalin via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Tuesday, 12 September)
- =JeffH via GitHub (Tuesday, 12 September)
- John Bradley (Monday, 11 September)
- Rolf Lindemann via GitHub (Monday, 11 September)
- Adam Langley via GitHub (Monday, 11 September)
- Johan Verrept via GitHub (Monday, 11 September)
- Johan Verrept via GitHub (Monday, 11 September)
- Adam Langley via GitHub (Saturday, 9 September)
- John Bradley via GitHub (Saturday, 9 September)
- Jakob Ehrensvard via GitHub (Friday, 8 September)
- John Bradley via GitHub (Friday, 8 September)
- Adam Langley via GitHub (Friday, 8 September)
- Emil Lundberg via GitHub (Friday, 8 September)
- John Bradley via GitHub (Friday, 8 September)
- christiaanbrand via GitHub (Friday, 8 September)
- John Bradley via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- christiaanbrand via GitHub (Friday, 8 September)
- christiaanbrand via GitHub (Friday, 8 September)
- Anthony Nadalin via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- Rolf Lindemann via GitHub (Friday, 8 September)
- John Bradley via GitHub (Wednesday, 6 September)
- Rolf Lindemann via GitHub (Wednesday, 6 September)
- John Bradley via GitHub (Wednesday, 6 September)
- Akshay Kumar via GitHub (Wednesday, 6 September)
- Adam Langley via GitHub (Tuesday, 5 September)
- Johan Verrept via GitHub (Tuesday, 5 September)
- Akshay Kumar via GitHub (Tuesday, 5 September)
- Jakob Ehrensvard via GitHub (Monday, 4 September)
- Adam Langley via GitHub (Sunday, 3 September)
[webauthn] Sign counter alg 507 alternative: optional sig counter
[webauthn] Specify what happens when the Client receives invalid CBOR
[webauthn] The authenticatorMakeCredential operation section doesn't specify how to pass extensions to authenticator
[webauthn] The description for creating a new credential has the browser prompting the user for consent
[webauthn] The W3C HTML spec is broken, and probably shouldn't be referenced
[webauthn] U2F Attestation only lists Basic Attestation as supported
[webauthn] undefined terms
[webauthn] user id should be returned in get()
- Emil Lundberg via GitHub (Saturday, 23 September)
- Emil Lundberg via GitHub (Friday, 22 September)
- Anthony Nadalin via GitHub (Friday, 15 September)
- Angelo Liao via GitHub (Friday, 15 September)
- Emil Lundberg via GitHub (Friday, 15 September)
- Akshay Kumar via GitHub (Wednesday, 13 September)
- Rolf Lindemann via GitHub (Wednesday, 13 September)
- christiaanbrand via GitHub (Wednesday, 13 September)
- Akshay Kumar via GitHub (Saturday, 9 September)
- balfanz via GitHub (Friday, 8 September)
[webauthn] User Verification Method (uvm) extension incorrectly mentions user verification *index*
[webauthn] using descriptive names for authenticator selection criteria
[webauthn] UVM Extension Editorial Change
[webauthn] various issues with AppId extension
[webauthn] Where are rsaAlgName and eccAlgName defined?
Accessibility Questions from APA
Closed: [webauthn] "Authenticator extension processing" is likely wrong
Closed: [webauthn] "might be present on this authenticator" could use a clearer definition
Closed: [webauthn] [PR 384] Does requireUserMediation() make sense after merge
Closed: [webauthn] An issue about setAttestationChallenge() in "android-key" attestation statement
Closed: [webauthn] authenticatorGetAssertion showing selection UI for external authenticators
Closed: [webauthn] authenticatorMakeCredential has an excludeCredentialDescriptorList parameter, but doesn't do anything with it
Closed: [webauthn] Consider allowing authenticators to randomise signed hashes.
Closed: [webauthn] Consider requiring canonical CBOR throughout
Closed: [webauthn] Consider using USVString instead of DOMString sometimes
Closed: [webauthn] Credential ID uniqueness expectations are inconsistent/vague
Closed: [webauthn] Drop UAF references in favor of better explanation
Closed: [webauthn] It would be nice if the definition of "Scoped Credential" said something about what `identifier` and `type` are
Closed: [webauthn] Make U2F Attestation Format "sig" more precise
Closed: [webauthn] makeCredential should be more precise than NotAllowedError in its last step
Closed: [webauthn] Must returned extensions be mathematically proper subsets of requested extensions?
Closed: [webauthn] New research suggest using ED512 instead of ED256.
Closed: [webauthn] PublicKeyCredentialDescriptor.id and PublicKeyCredentialEntity.id type differ
Closed: [webauthn] Safetynet attestation does not return byte array as a response.
Closed: [webauthn] should authenticatorExtensions really be a dictionary?
Closed: [webauthn] Specify what happens when the Client receives invalid CBOR
Closed: [webauthn] The authenticatorMakeCredential operation section doesn't specify how to pass extensions to authenticator
Closed: [webauthn] The description for creating a new credential has the browser prompting the user for consent
Closed: [webauthn] Where are rsaAlgName and eccAlgName defined?
Eleven comments on " Web Authentication: An API for accessing Public Key Credentials". W3C Working Draft, 5 May 2017
fyi: client nonce security analysis
please review credman PR#100 and webauthn PR#498.. (fixup algs contd 3)
- =JeffH (Tuesday, 26 September)
- =JeffH (Tuesday, 12 September)
PR #586 review submitted
- =JeffH (Wednesday, 27 September)
reviewed current state of PR #539
Updated Web Platform Tests
WebAuthn Spec Status
Last message date: Saturday, 30 September 2017 23:41:03 UTC