public-webauthn@w3.org from August 2018 by subject

08/01/2018 W3C Web Authentication WG Meeting Agenda

• John Fontana (Wednesday, 1 August)

08/08/2018 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Tuesday, 7 August)

08/15/2018 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Tuesday, 14 August)

08/22/2018 W3C Web Authentication WG Meeting Agenda

• Emil Lundberg (Wednesday, 22 August)
• Anthony Nadalin (Wednesday, 22 August)

08/29/2018 W3C Web Authentication WG Meeting Agenda

• Emil Lundberg (Wednesday, 29 August)
• Anthony Nadalin (Wednesday, 29 August)

[w3c/webauthn]

• GitHub (Wednesday, 29 August)
• GitHub (Wednesday, 29 August)
• GitHub (Wednesday, 29 August)
• GitHub (Sunday, 26 August)
• GitHub (Sunday, 26 August)
• GitHub (Friday, 17 August)
• GitHub (Wednesday, 15 August)
• GitHub (Tuesday, 14 August)
• GitHub (Wednesday, 8 August)
• GitHub (Wednesday, 8 August)
• GitHub (Wednesday, 8 August)
• GitHub (Tuesday, 7 August)
• GitHub (Tuesday, 7 August)
• GitHub (Tuesday, 7 August)
• GitHub (Thursday, 2 August)
• GitHub (Thursday, 2 August)

[w3c/webauthn] 035ea7: Add privacy considerations about UV, PII and User ...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] 0957b1: Built by Travis-CI: 83dc21c8d4510d1dc9c7806c43ec5e...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] 0cbff5: change JeffH's affilitation (#1047)

• GitHub (Sunday, 26 August)

[w3c/webauthn] 0d515a: Cut some unnecessary text from the new first parag...

• GitHub (Monday, 13 August)

[w3c/webauthn] 10d754: Built by Travis-CI: bd9bc3ee399eab740563bebfe7927d...

• GitHub (Wednesday, 22 August)

[w3c/webauthn] 1d635f: Add bikeshed update to bikeshed Dockerfile

• GitHub (Wednesday, 8 August)
• GitHub (Wednesday, 8 August)

[w3c/webauthn] 1fe735: Address @equalsJeffH's review comments

• GitHub (Monday, 27 August)

[w3c/webauthn] 24aed4: fix #1015 FAR should be FRR (#1016)

• GitHub (Wednesday, 1 August)

[w3c/webauthn] 2747c8: Built by Travis-CI: bdc64c4dc0c7891c28e00974edc439...

• GitHub (Wednesday, 1 August)

[w3c/webauthn] 2d1bdc: fix grammar

• GitHub (Thursday, 2 August)

[w3c/webauthn] 2d80fd: Built by Travis-CI: ee3cf178256559fddb3b0d5880f6bd...

• GitHub (Wednesday, 15 August)

[w3c/webauthn] 2f6812: Add some links to [=managing authenticator=]

• GitHub (Thursday, 9 August)

[w3c/webauthn] 31433d: Built by Travis-CI: a057572c2ca6211ec5b9d62a73df0e...

• GitHub (Wednesday, 15 August)

[w3c/webauthn] 3357f0: Address @selfissued's review comments

• GitHub (Wednesday, 15 August)

[w3c/webauthn] 393469: fix #1012 determine attsCredData length

• GitHub (Thursday, 2 August)

[w3c/webauthn] 3b5be3: Built by Travis-CI: ee3cf178256559fddb3b0d5880f6bd...

• GitHub (Wednesday, 15 August)

[w3c/webauthn] 3b7d65: Built by Travis-CI: 653203d077584e5def14a367da5538...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] 45cfa9: Define "bound" for credentials

• GitHub (Thursday, 9 August)

[w3c/webauthn] 488ff0: add link to 2nd CR version

• GitHub (Wednesday, 8 August)
• GitHub (Wednesday, 8 August)

[w3c/webauthn] 494d57: Define "bound" for credentials and use the term "s...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] 5680e5: Built by Travis-CI: d74f56be8e38abdda425dfc586979f...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] 58b28f: Built by Travis-CI: bdc64c4dc0c7891c28e00974edc439...

• GitHub (Wednesday, 1 August)

[w3c/webauthn] 5c33b6: Add Username Enumeration section to privacy consid...

• GitHub (Monday, 13 August)

[w3c/webauthn] 63ccd4: Address @equalsJeffH's review comments

• GitHub (Monday, 27 August)

[w3c/webauthn] 653203: Clarify that SafetyNet response uses base64url (#1...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] 66327d: [Spelling] Added "be"

• GitHub (Tuesday, 14 August)

[w3c/webauthn] 6ce182: Built by Travis-CI: 24aed4e42440f0954491a374d7d82e...

• GitHub (Wednesday, 1 August)

[w3c/webauthn] 6f2f11: Renamed timeoutSeconds to timeoutMilliseconds as s...

• GitHub (Tuesday, 28 August)

[w3c/webauthn] 71b587: Add <dfn> to Bound Credential title

• GitHub (Wednesday, 29 August)
• GitHub (Wednesday, 29 August)
• GitHub (Monday, 27 August)

[w3c/webauthn] 7204fb: Built by Travis-CI: bd9bc3ee399eab740563bebfe7927d...

• GitHub (Wednesday, 22 August)

[w3c/webauthn] 85ddcb: Built by Travis-CI: 494d577efc4a6915df29ce4584d92f...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] 8ef8a7: Expand and link RP to Relying Party

• GitHub (Thursday, 9 August)

[w3c/webauthn] 91c306: Use final name for "serialize JSON to bytes" (#102...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] 929ca4: Built by Travis-CI: d74f56be8e38abdda425dfc586979f...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] 953050: change JeffH's affilitation

• GitHub (Sunday, 26 August)

[w3c/webauthn] 964aa6: fix #1012 determine Attested Credential Data lengt...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] 9a99d4: Fix typo

• GitHub (Sunday, 26 August)
• GitHub (Wednesday, 15 August)
• GitHub (Wednesday, 8 August)

[w3c/webauthn] 9f24e3: Built by Travis-CI: 0e4ed089d190ff192af46962408514...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] a37f05: Built by Travis-CI: 91c30688fba36b57fea7db9cde9bf6...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] a58294: Built by Travis-CI: 494d577efc4a6915df29ce4584d92f...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] a7276f: fix BS's bs objections to my source formatting...

• GitHub (Tuesday, 28 August)

[w3c/webauthn] acb0f6: fix #712 JSON-serialized client data is wrong

• GitHub (Wednesday, 1 August)

[w3c/webauthn] b6a48d: Note that the `appid` extension changes RP ID hash

• GitHub (Wednesday, 15 August)

[w3c/webauthn] b91fdf: Built by Travis-CI: 035ea799bf682a29ccba0f7f0d4b89...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] bd9bc3: Add note about actual implementations of appid. (#...

• GitHub (Wednesday, 22 August)

[w3c/webauthn] bdddc1: Built by Travis-CI: 964aa6c1eceaf922816573a639dec6...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] bee5bc: Built by Travis-CI: 0e4ed089d190ff192af46962408514...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] c8f516: removed duplicate

• GitHub (Wednesday, 8 August)

[w3c/webauthn] cd95d5: fix typo, thx apowers313 :)

• GitHub (Tuesday, 28 August)

[w3c/webauthn] d85bfb: Make <dfn>Bound Credential</dfn> the primary defin...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] da463e: Add a missing "be"

• GitHub (Monday, 27 August)

[w3c/webauthn] dbdf61: Address more review comments

• GitHub (Wednesday, 29 August)

[w3c/webauthn] ddd641: Built by Travis-CI: 24aed4e42440f0954491a374d7d82e...

• GitHub (Wednesday, 1 August)

[w3c/webauthn] e00504: Built by Travis-CI: a057572c2ca6211ec5b9d62a73df0e...

• GitHub (Wednesday, 15 August)

[w3c/webauthn] e3bb12: Built by Travis-CI: 964aa6c1eceaf922816573a639dec6...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] eb27b2: Built by Travis-CI: 83dc21c8d4510d1dc9c7806c43ec5e...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] eb3990: Built by Travis-CI: 91c30688fba36b57fea7db9cde9bf6...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] efc000: Add privacy considerations about UV, PII and User ...

• GitHub (Tuesday, 14 August)

[w3c/webauthn] f1f41a: Link [RPS]

• GitHub (Thursday, 9 August)

[w3c/webauthn] f2c67a: Built by Travis-CI: 653203d077584e5def14a367da5538...

• GitHub (Wednesday, 8 August)

[w3c/webauthn] f75884: Built by Travis-CI: 035ea799bf682a29ccba0f7f0d4b89...

• GitHub (Wednesday, 29 August)

[w3c/webauthn] fb12e8: Built by Travis-CI: 0cbff5300493714a35cd9b90516338...

• GitHub (Sunday, 26 August)

[webauthn] [Spelling] Added missing "be"

• Emil Lundberg via GitHub (Tuesday, 14 August)
• Samuel Weiler via GitHub (Tuesday, 14 August)
• Samuel Weiler via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)
• Anders Åberg via GitHub (Tuesday, 14 August)

[webauthn] `authData` in attestation vs `authenticatorData` in assertion naming?

• =JeffH via GitHub (Wednesday, 29 August)
• Adam Powers via GitHub (Friday, 17 August)
• Emil Lundberg via GitHub (Friday, 17 August)
• Suby Raman via GitHub (Thursday, 16 August)
• Suby Raman via GitHub (Thursday, 16 August)

[webauthn] `publicKey` member name in `CredentialCreationRequestOptions` should be `"public-key"`, or vice-versa?

• =JeffH via GitHub (Wednesday, 15 August)
• Boris Zbarsky via GitHub (Wednesday, 8 August)
• Adam Langley via GitHub (Wednesday, 8 August)
• Boris Zbarsky via GitHub (Friday, 3 August)
• Boris Zbarsky via GitHub (Thursday, 2 August)
• Adam Langley via GitHub (Thursday, 2 August)
• =JeffH via GitHub (Wednesday, 1 August)

[webauthn] add 'spec roadmap' section

• =JeffH via GitHub (Tuesday, 28 August)

[webauthn] Add bikeshed update to bikeshed Dockerfile

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Add note about actual implementations of appid.

• Anthony Nadalin via GitHub (Wednesday, 15 August)

[webauthn] Add privacy considerations about UV, PII and User Handle

• Anthony Nadalin via GitHub (Wednesday, 29 August)
• Anthony Nadalin via GitHub (Monday, 27 August)
• =JeffH via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)

[webauthn] Add Username Enumeration section to privacy considerations

• Anthony Nadalin via GitHub (Monday, 27 August)

[webauthn] address needs of various webauthn spec audiences

• Anthony Nadalin via GitHub (Wednesday, 29 August)
• Adam Powers via GitHub (Wednesday, 8 August)

[webauthn] Adopt consistent case for section headings

• Mike Jones via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)

[webauthn] Ambiguous instructions in Android Key Attestation Statement Format verification procedure

• Shane Weeden via GitHub (Thursday, 2 August)

[webauthn] Ambiguous/wrong instructions in Android Key Attestation Statement Format verification procedure

• Anthony Nadalin via GitHub (Wednesday, 29 August)
• Shane Weeden via GitHub (Friday, 17 August)
• Arnar Birgisson via GitHub (Friday, 17 August)
• Arnar Birgisson via GitHub (Friday, 17 August)
• Shane Weeden via GitHub (Monday, 13 August)

[webauthn] Android-key attestation format should include guidance on checks for timestampMs in the jws payload

• Anthony Nadalin via GitHub (Wednesday, 15 August)
• Shane Weeden via GitHub (Tuesday, 14 August)
• Anthony Nadalin via GitHub (Tuesday, 14 August)
• Shane Weeden via GitHub (Saturday, 11 August)

[webauthn] appid extension output is inaccurate in some corner cases

• Anthony Nadalin via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Friday, 10 August)

[webauthn] AppID extension: protocol version number?

• Mike Jones via GitHub (Wednesday, 8 August)

[webauthn] Authenticator selection extension needs to define snapshotting behavior

• Emil Lundberg via GitHub (Tuesday, 7 August)

[webauthn] Bad instructions in Android SafetyNet attestation validation steps

• Arnar Birgisson via GitHub (Wednesday, 1 August)

[webauthn] bikeshed now catching existing lint in master->index.bs

• Emil Lundberg via GitHub (Wednesday, 15 August)
• Emil Lundberg via GitHub (Wednesday, 15 August)

[webauthn] choose consistent section id prefix

• Rolf Lindemann via GitHub (Wednesday, 29 August)

[webauthn] Clarification of valid rpIdHash value requested in section 7 when using AppID extension

• Adam Langley via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Shane Weeden via GitHub (Wednesday, 8 August)
• Mike Jones via GitHub (Wednesday, 8 August)
• Adam Langley via GitHub (Wednesday, 8 August)

[webauthn] Clarify that SafetyNet response uses base64url

• Arnar Birgisson via GitHub (Wednesday, 8 August)
• Arnar Birgisson via GitHub (Wednesday, 8 August)
• Anthony Nadalin via GitHub (Wednesday, 8 August)

[webauthn] Closed Pull Request: Include an AuthenticatorTransport when creating a new credential.

• Adam Langley via GitHub (Wednesday, 29 August)

[webauthn] cognitive-accessibility consideration

• Adam Powers via GitHub (Wednesday, 29 August)
• Samuel Weiler via GitHub (Wednesday, 29 August)

[webauthn] Credential counter must initialise as 1

• Sangrae Cho via GitHub (Tuesday, 7 August)
• Ackermann Yuriy via GitHub (Monday, 6 August)

[webauthn] Define "bound" for credentials and use the term "scoped" where appropriate

• Anthony Nadalin via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Monday, 27 August)

[webauthn] Determining length of `attestedCredentialData` when authenticator extensions present.

• =JeffH via GitHub (Thursday, 2 August)

[webauthn] Divide Security/Privacy Considerations into subsections by audience?

• Emil Lundberg via GitHub (Wednesday, 15 August)
• =JeffH via GitHub (Wednesday, 15 August)
• Emil Lundberg via GitHub (Wednesday, 15 August)
• Anthony Nadalin via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)

[webauthn] Either UV or UP should be enough

• Anthony Nadalin via GitHub (Wednesday, 15 August)
• Akshay Kumar via GitHub (Tuesday, 14 August)
• Shane Weeden via GitHub (Tuesday, 14 August)
• Anthony Nadalin via GitHub (Tuesday, 14 August)
• Mike Jones via GitHub (Tuesday, 14 August)
• Ackermann Yuriy via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)
• Adam Powers via GitHub (Tuesday, 14 August)
• Shane Weeden via GitHub (Tuesday, 14 August)
• Ackermann Yuriy via GitHub (Tuesday, 14 August)
• Ackermann Yuriy via GitHub (Tuesday, 14 August)

[webauthn] Eliminate duplicate terminology

• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)

[webauthn] Ensure hard-coded step references in RP ops are correct

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] export definitions?

• =JeffH via GitHub (Monday, 27 August)

[webauthn] FIDO U2F supports Attestation CA (AttCA)?

• Anthony Nadalin via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Thursday, 16 August)
• Ki-Eun Shin via GitHub (Thursday, 16 August)

[webauthn] fix #1012 determine Attested Credential Data length

• Anthony Nadalin via GitHub (Thursday, 9 August)

[webauthn] fix #24: add reg & authn flow diagrams

• Emil Lundberg via GitHub (Tuesday, 7 August)

[webauthn] fix #712 JSON-serialized client data is wrong

• =JeffH via GitHub (Thursday, 2 August)
• Adam Langley via GitHub (Thursday, 2 August)
• =JeffH via GitHub (Thursday, 2 August)
• Adam Langley via GitHub (Wednesday, 1 August)

[webauthn] Fix some minor editorial issues

• =JeffH via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)

[webauthn] Fix typo

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Include an AuthenticatorTransport when creating a new credential.

• Adam Langley via GitHub (Wednesday, 29 August)

[webauthn] Indicate resident key credential "preferred" during registration and find out what the authenticator offered

• John Bradley via GitHub (Friday, 17 August)

[webauthn] Merged Pull Request: [Spelling] Added missing "be"

• Samuel Weiler via GitHub (Tuesday, 14 August)

[webauthn] Merged Pull Request: Add bikeshed update to bikeshed Dockerfile

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Merged Pull Request: add link to 2nd CR version

• Samuel Weiler via GitHub (Wednesday, 8 August)

[webauthn] Merged Pull Request: Add note about actual implementations of appid.

• =JeffH via GitHub (Wednesday, 22 August)

[webauthn] Merged Pull Request: Add privacy considerations about UV, PII and User Handle

• Akshay Kumar via GitHub (Wednesday, 29 August)

[webauthn] Merged Pull Request: change JeffH's affilitation

• =JeffH via GitHub (Sunday, 26 August)

[webauthn] Merged Pull Request: Clarify that SafetyNet response uses base64url

• Mike Jones via GitHub (Wednesday, 8 August)

[webauthn] Merged Pull Request: Define "bound" for credentials and use the term "scoped" where appropriate

• =JeffH via GitHub (Wednesday, 29 August)

[webauthn] Merged Pull Request: fix #1012 determine Attested Credential Data length

• =JeffH via GitHub (Tuesday, 14 August)

[webauthn] Merged Pull Request: fix #1015 FAR should be FRR

• Akshay Kumar via GitHub (Wednesday, 1 August)

[webauthn] Merged Pull Request: fix #712 JSON-serialized client data is wrong

• Adam Langley via GitHub (Wednesday, 1 August)

[webauthn] Merged Pull Request: Fix some minor editorial issues

• Emil Lundberg via GitHub (Wednesday, 15 August)

[webauthn] Merged Pull Request: Note that the appid extension changes RP ID hash

• Adam Langley via GitHub (Wednesday, 15 August)

[webauthn] Merged Pull Request: PR 1031: Bound Credential <dfn>

• Emil Lundberg via GitHub (Wednesday, 29 August)

[webauthn] Merged Pull Request: Use final name for "serialize JSON to bytes"

• =JeffH via GitHub (Wednesday, 8 August)

[webauthn] Mobile support

• =JeffH via GitHub (Monday, 27 August)
• maranjavatraining via GitHub (Sunday, 26 August)
• Ivan Kupalov via GitHub (Friday, 24 August)

[webauthn] new commits pushed by agl

• Adam Langley via GitHub (Wednesday, 15 August)
• Adam Langley via GitHub (Wednesday, 1 August)

[webauthn] new commits pushed by akshayku

• Akshay Kumar via GitHub (Wednesday, 29 August)
• Akshay Kumar via GitHub (Wednesday, 1 August)

[webauthn] new commits pushed by emlun

• Emil Lundberg via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Monday, 27 August)
• Emil Lundberg via GitHub (Wednesday, 15 August)
• Emil Lundberg via GitHub (Wednesday, 15 August)
• Emil Lundberg via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Monday, 13 August)
• Emil Lundberg via GitHub (Monday, 13 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] new commits pushed by equalsJeffH

• =JeffH via GitHub (Wednesday, 29 August)
• =JeffH via GitHub (Tuesday, 28 August)
• =JeffH via GitHub (Tuesday, 28 August)
• =JeffH via GitHub (Tuesday, 28 August)
• =JeffH via GitHub (Sunday, 26 August)
• =JeffH via GitHub (Sunday, 26 August)
• =JeffH via GitHub (Sunday, 26 August)
• =JeffH via GitHub (Sunday, 26 August)
• =JeffH via GitHub (Wednesday, 22 August)
• =JeffH via GitHub (Tuesday, 14 August)
• =JeffH via GitHub (Wednesday, 8 August)
• =JeffH via GitHub (Thursday, 2 August)
• =JeffH via GitHub (Thursday, 2 August)
• =JeffH via GitHub (Thursday, 2 August)

[webauthn] new commits pushed by samuelweiler

• Samuel Weiler via GitHub (Tuesday, 14 August)
• Samuel Weiler via GitHub (Wednesday, 8 August)
• Samuel Weiler via GitHub (Wednesday, 8 August)
• Samuel Weiler via GitHub (Wednesday, 8 August)

[webauthn] new commits pushed by selfissued

• Mike Jones via GitHub (Wednesday, 8 August)

[webauthn] new commits pushed by WebAuthnBot

• WebAuthnBot via GitHub (Wednesday, 29 August)
• WebAuthnBot via GitHub (Wednesday, 29 August)
• WebAuthnBot via GitHub (Wednesday, 29 August)
• WebAuthnBot via GitHub (Wednesday, 29 August)
• WebAuthnBot via GitHub (Sunday, 26 August)
• WebAuthnBot via GitHub (Wednesday, 22 August)
• WebAuthnBot via GitHub (Wednesday, 22 August)
• WebAuthnBot via GitHub (Wednesday, 15 August)
• WebAuthnBot via GitHub (Wednesday, 15 August)
• WebAuthnBot via GitHub (Wednesday, 15 August)
• WebAuthnBot via GitHub (Wednesday, 15 August)
• WebAuthnBot via GitHub (Tuesday, 14 August)
• WebAuthnBot via GitHub (Tuesday, 14 August)
• WebAuthnBot via GitHub (Tuesday, 14 August)
• WebAuthnBot via GitHub (Tuesday, 14 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 8 August)
• WebAuthnBot via GitHub (Wednesday, 1 August)
• WebAuthnBot via GitHub (Wednesday, 1 August)
• WebAuthnBot via GitHub (Wednesday, 1 August)
• WebAuthnBot via GitHub (Wednesday, 1 August)

[webauthn] None hardware option - as for ssl client certificates

• Markus Schräder via GitHub (Wednesday, 8 August)
• Ackermann Yuriy via GitHub (Wednesday, 8 August)
• Markus Schräder via GitHub (Wednesday, 8 August)

[webauthn] None hardware/device option - as for ssl client certificates

• Markus Schräder via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)
• Markus Schräder via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Note that the appid extension changes RP ID hash

• Anthony Nadalin via GitHub (Tuesday, 14 August)

[webauthn] NULL or DOMException

• Mike Jones via GitHub (Wednesday, 8 August)
• Mike Jones via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Tuesday, 7 August)

[webauthn] Partial dictionaries for extension outputs may be incorrect use of WebIDL

• Adam Langley via GitHub (Wednesday, 1 August)

[webauthn] PR 1031: Bound Credential <dfn>

• Emil Lundberg via GitHub (Wednesday, 29 August)

[webauthn] Propose SafetyNet as an extension

• Christiaan Brand via GitHub (Wednesday, 1 August)

[webauthn] Provide transport information during registration.

• Adam Langley via GitHub (Wednesday, 29 August)

[webauthn] providing info about authenticator availability / attachments

• Suby Raman via GitHub (Thursday, 16 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Public key rules for "packed" attestation type

• Anthony Nadalin via GitHub (Wednesday, 15 August)
• =JeffH via GitHub (Wednesday, 8 August)

[webauthn] Pull Request: [Spelling] Added missing "be"

• Anders Åberg via GitHub (Tuesday, 14 August)

[webauthn] Pull Request: Add bikeshed update to bikeshed Dockerfile

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Pull Request: add link to 2nd CR version

• Samuel Weiler via GitHub (Wednesday, 8 August)

[webauthn] Pull Request: Add note about actual implementations of appid.

• Adam Langley via GitHub (Thursday, 9 August)

[webauthn] Pull Request: Add privacy considerations about UV, PII and User Handle

• Emil Lundberg via GitHub (Tuesday, 14 August)

[webauthn] Pull Request: Add Username Enumeration section to privacy considerations

• Emil Lundberg via GitHub (Monday, 13 August)

[webauthn] Pull Request: change JeffH's affilitation

• =JeffH via GitHub (Sunday, 26 August)

[webauthn] Pull Request: Clarify that SafetyNet response uses base64url

• Arnar Birgisson via GitHub (Wednesday, 1 August)

[webauthn] Pull Request: Define "bound" for credentials and use the term "scoped" where appropriate

• Emil Lundberg via GitHub (Thursday, 9 August)

[webauthn] Pull Request: fix #1012 determine Attested Credential Data length

• =JeffH via GitHub (Thursday, 2 August)

[webauthn] Pull Request: Fix typo

• Emil Lundberg via GitHub (Wednesday, 8 August)

[webauthn] Pull Request: Note that the appid extension changes RP ID hash

• Adam Langley via GitHub (Thursday, 9 August)

[webauthn] Pull Request: PR 1031: Bound Credential <dfn>

• Emil Lundberg via GitHub (Monday, 27 August)

[webauthn] Pull Request: Provide transport information during registration.

• Adam Langley via GitHub (Wednesday, 29 August)

[webauthn] Pull Request: Use final name for "serialize JSON to bytes"

• Domenic Denicola via GitHub (Thursday, 2 August)

[webauthn] SafetyNet response as an extension

• Christiaan Brand via GitHub (Wednesday, 1 August)

[webauthn] Second CR not referenced from https://w3c.github.io/webauthn/

• Mike Jones via GitHub (Wednesday, 8 August)

[webauthn] Security threat: Username enumeration

• Emil Lundberg via GitHub (Friday, 10 August)
• John Bradley via GitHub (Wednesday, 1 August)

[webauthn] Tighten security scope by port

• Anne van Kesteren via GitHub (Tuesday, 7 August)
• Emil Lundberg via GitHub (Tuesday, 7 August)

[webauthn] undefined terms and terms we really ought to define

• Emil Lundberg via GitHub (Thursday, 9 August)

[webauthn] Unspecified CBOR encoding of integer numbers above a threshold

• Peter Occil via GitHub (Friday, 17 August)

[webauthn] Use final name for "serialize JSON to bytes"

• Domenic Denicola via GitHub (Wednesday, 8 August)
• Anthony Nadalin via GitHub (Wednesday, 8 August)
• Emil Lundberg via GitHub (Wednesday, 8 August)
• Domenic Denicola via GitHub (Tuesday, 7 August)

[webauthn] User agent / key management [authenticator] interoperability requirements?

• Anthony Nadalin via GitHub (Tuesday, 14 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• Emil Lundberg via GitHub (Thursday, 9 August)
• =JeffH via GitHub (Wednesday, 8 August)
• mhano via GitHub (Wednesday, 1 August)

[webauthn] Using a smart phone as an authenticator with WebAuthn

• J.C. Jones via GitHub (Wednesday, 29 August)
• Emil Lundberg via GitHub (Wednesday, 29 August)
• =JeffH via GitHub (Monday, 27 August)
• maranjavatraining via GitHub (Sunday, 26 August)

Article: Security Concerns Surrounding WebAuthn

• Emil Lundberg (Thursday, 23 August)

Call for Exclusions: Web Authentication: An API for accessing Public Key Credentials Level 1

• Xueyuan (Tuesday, 7 August)

Closed: [webauthn] `authData` in attestation vs `authenticatorData` in assertion naming?

• =JeffH via GitHub (Wednesday, 29 August)
• Suby Raman via GitHub (Thursday, 16 August)

Closed: [webauthn] Android-key attestation format should include guidance on checks for timestampMs in the jws payload

• Anthony Nadalin via GitHub (Wednesday, 15 August)

Closed: [webauthn] AppID extension: protocol version number?

• =JeffH via GitHub (Wednesday, 22 August)

Closed: [webauthn] Bad instructions in Android SafetyNet attestation validation steps

• Mike Jones via GitHub (Wednesday, 8 August)

Closed: [webauthn] bikeshed now catching existing lint in master->index.bs

• Emil Lundberg via GitHub (Wednesday, 15 August)

Closed: [webauthn] Clarification of valid rpIdHash value requested in section 7 when using AppID extension

• Adam Langley via GitHub (Wednesday, 15 August)

Closed: [webauthn] Credential counter must initialise as 1

• Ackermann Yuriy via GitHub (Tuesday, 7 August)

Closed: [webauthn] Determining length of `attestedCredentialData` when authenticator extensions present.

• =JeffH via GitHub (Tuesday, 14 August)

Closed: [webauthn] Either UV or UP should be enough

• Anthony Nadalin via GitHub (Wednesday, 15 August)

Closed: [webauthn] JSON-serialized client data is wrong

• Adam Langley via GitHub (Wednesday, 1 August)

Closed: [webauthn] Minor typo - FAR should be FRR

• Akshay Kumar via GitHub (Wednesday, 1 August)

Closed: [webauthn] Minor typo in Android Key Attestation Format

• Emil Lundberg via GitHub (Wednesday, 15 August)

Closed: [webauthn] None hardware/device option - as for ssl client certificates

• Markus Schräder via GitHub (Wednesday, 8 August)

Closed: [webauthn] Partial dictionaries for extension outputs may be incorrect use of WebIDL

• Adam Langley via GitHub (Wednesday, 1 August)

Closed: [webauthn] Privacy Considerations should describe risks of storing userID/displayName in "second-factor" authenticators

• Akshay Kumar via GitHub (Wednesday, 29 August)

Closed: [webauthn] providing info about authenticator availability / attachments

• Emil Lundberg via GitHub (Wednesday, 8 August)

Closed: [webauthn] Public key rules for "packed" attestation type

• Anthony Nadalin via GitHub (Wednesday, 15 August)

Closed: [webauthn] Second CR not referenced from https://w3c.github.io/webauthn/

• Samuel Weiler via GitHub (Wednesday, 8 August)

Closed: [webauthn] Tighten security scope by port

• Anne van Kesteren via GitHub (Tuesday, 7 August)

Closed: [webauthn] Using a smart phone as an authenticator with WebAuthn

• J.C. Jones via GitHub (Wednesday, 29 August)

Summit on Recovering from Device Loss in WebAuthn

• Alex Takakuwa (Thursday, 30 August)
• jeff.hodges@kingsmountain.com (Monday, 27 August)
• Rolf Lindemann (Saturday, 18 August)
• Alex Takakuwa (Saturday, 18 August)
• Alex Takakuwa (Tuesday, 7 August)

Timeline bounds for PR/Rec

• Samuel Weiler (Wednesday, 8 August)

webauthn forces people to buy hardware

• Markus Schräder (Thursday, 9 August)
• John Bradley (Thursday, 9 August)
• John Bradley (Thursday, 9 August)
• John Bradley (Thursday, 9 August)
• Sarangdhar, Nitin V (Thursday, 9 August)
• Anthony Nadalin (Thursday, 9 August)
• Markus Schräder (Thursday, 9 August)
• Sarangdhar, Nitin V (Thursday, 9 August)
• Anthony Nadalin (Thursday, 9 August)
• Markus Schräder (Thursday, 9 August)
• Emil Lundberg (Thursday, 9 August)
• Markus Schräder (Thursday, 9 August)

Last message date: Thursday, 30 August 2018 22:56:43 UTC