public-webauthn@w3.org from February 2018 by subject

02/07/2018 W3C Web Authentication WG Meeting Agenda

02/14/2018 W3C Web Authentication WG Meeting Agenda

02/20/2018 W3C Web Authentication WG Meeting Agenda

02/28/2018 W3C Web Authentication WG Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 01eb5e: Built by Travis-CI: ca4cf0f63d2f7f5fd48cddc31b1cb3...

[w3c/webauthn] 02f96c: Incorporating comments

[w3c/webauthn] 075329: Built by Travis-CI: c4a30ee7ea99de0cdfc38ceecac564...

[w3c/webauthn] 087d37: Built by Travis-CI: bbfd0777362b39f042ea061355cbaa...

[w3c/webauthn] 08a981: Built by Travis-CI: 1dc69b110f0851acebc16c5c3bf4f5...

[w3c/webauthn] 0ab294: Built by Travis-CI: 05335d4484044dbca552f74ab52ff1...

[w3c/webauthn] 13b5b3: Built by Travis-CI: 716a169d4f68508dfe28216789bf82...

[w3c/webauthn] 15fc95: Built by Travis-CI: e3c1ad491caa682e76ae682b633629...

[w3c/webauthn] 18f342: Incorporating comments-3

[w3c/webauthn] 191fa8: use UTF-8 decode alg directly

[w3c/webauthn] 1940d0: Built by Travis-CI: 567ae6de6f9e0632ffddb602904c15...

[w3c/webauthn] 195a8f: Plumb CTAP's authorized "already registered" error...

[w3c/webauthn] 1d7b02: fix #204: factor makeCred into reg & authn priv co...

[w3c/webauthn] 1d89ff: Built by Travis-CI: 7fa8792b7be410c4ddb632056a2335...

[w3c/webauthn] 1dc69b: update masthead and acks (#788)

[w3c/webauthn] 1f51af: NitBit: Incorporate comments from Alex, Mike

[w3c/webauthn] 22b884: Built by Travis-CI: d563d8352590322b404ef76e53a4f1...

[w3c/webauthn] 24a567: add discusion of authnr selection to authnr model ...

[w3c/webauthn] 35032b: Define actions for “none” attestation.

[w3c/webauthn] 381bbf: refer to ceremony rather than operation

[w3c/webauthn] 39bc6c: Make IANA COSE Algorithms values TBD with requeste...

[w3c/webauthn] 3a3700: Signature field clarification in attestation state...

[w3c/webauthn] 3c435a: fixup inter-step references, thx emlun!

[w3c/webauthn] 3ceed4: Change from getClientExtensionResults function to ...

[w3c/webauthn] 3e99d4: Built by Travis-CI: 24a567b36f5b9d0223067dc0714649...

[w3c/webauthn] 409f34: Built by Travis-CI: 39bc6cf1c21a8a1731334666ae77a5...

[w3c/webauthn] 42cc9d: Revise §9.5. "Authenticator extension processing" ...

[w3c/webauthn] 4514d1: Incorporating comments-4

[w3c/webauthn] 45caac: Tpm attestation fields clarifications

[w3c/webauthn] 4af3d8: fix RP reg op inter-step refs

[w3c/webauthn] 4bdb54: Json comma issue

[w3c/webauthn] 4dbc3a: Add instructions for passing unknown extensions to...

[w3c/webauthn] 4e77cf: Built by Travis-CI: 5c3054f1f0e2a3eeb8a4f24b39032a...

[w3c/webauthn] 4f1a3b: Describe how authenticators unique and find creden...

[w3c/webauthn] 563379: CTAP2 definition fix (#783)

[w3c/webauthn] 567ae6: Change Subject-C type from UTF8String to Printable...

[w3c/webauthn] 57ab45: fix #792: use utf 8 decode directly (#793)

[w3c/webauthn] 5c0aa5: Built by Travis-CI: 57ab456f93afbd13ac1cd179996760...

[w3c/webauthn] 5c3054: Spelling and grammar corrections (#815)

[w3c/webauthn] 60ed25: hmac-secret extension

[w3c/webauthn] 61bc86: Put Signature formats in its own section

[w3c/webauthn] 696cc5: Corrected txAuthGeneric client extension input typ...

[w3c/webauthn] 6dea56: Built by Travis-CI: 3ceed42963c22af0c3f0df1ecbae28...

[w3c/webauthn] 6eddb4: Refer JSON deserialization to Infra spec

[w3c/webauthn] 6f3dbc: Built by Travis-CI: 3a3700a68a73bdab35679cb8a83fc4...

[w3c/webauthn] 716a16: Updates for draft-hodges-webauthn-registries-01 (#...

[w3c/webauthn] 7415c4: Clarify that |extensions| in authenticator ops is ...

[w3c/webauthn] 7b518b: Sig Clarification

[w3c/webauthn] 7b8476: Update index.bs

[w3c/webauthn] 7c0950: Attempt to address @selfissued's review comments

[w3c/webauthn] 7e5c33: Built by Travis-CI: 4d700225b49d4ae0869509c1ff063f...

[w3c/webauthn] 7f4248: Built by Travis-CI: 4dbc3af9d0aebad6bf87448a15574c...

[w3c/webauthn] 7fa879: rmove self attstn from U2F attstn format (#781)

[w3c/webauthn] 8045f4: Built by Travis-CI: f13e030eaccfff478d17548d3f3f62...

[w3c/webauthn] 81ad4c: update masthead and acks

[w3c/webauthn] 861667: typo

[w3c/webauthn] 894c2f: Align wording between first and second paragraphs ...

[w3c/webauthn] 925403: Built by Travis-CI: f41cf83849f1725d545e14f1bb84f5...

[w3c/webauthn] 92b51d: apply same changes to #verifying-assertion

[w3c/webauthn] 931b60: Revert "Move <dfn>authenticator extension input</d...

[w3c/webauthn] 934084: rmove self attstn from U2F attstn format

[w3c/webauthn] 99766e: PR #763 untangled: Add consideration of browser p...

[w3c/webauthn] a47fe1: Switch |tokenBindingId| to a structure.

[w3c/webauthn] a92321: renamed authenticator-model to sctn-authenticator-...

[w3c/webauthn] a9f806: create short names for attstn types not having suc...

[w3c/webauthn] adbda3: Fix feature detection. (#808)

[w3c/webauthn] af8b20: add JSON explicit parsing step

[w3c/webauthn] b46560: Built by Travis-CI: 2bc4c05c517ef3491d387c2c59e880...

[w3c/webauthn] b77a5e: factor makeCred into reg & authn priv cons

[w3c/webauthn] b84a10: Fix outdated step references in RP registration al...

[w3c/webauthn] bbfd07: Remove clientExtensions and authenticatorExtension...

[w3c/webauthn] bfbc8a: renamed authenticator-model to sctn-authenticator-...

[w3c/webauthn] c18a13: Revert clientExtensionResults attribute back to ge...

[w3c/webauthn] c38507: added reference for TCG-CMCProfile-AIKCertEnroll

[w3c/webauthn] c45630: Update index.bs

[w3c/webauthn] c4a30e: Change uses of acme.com to example.com (#814)

[w3c/webauthn] c8c43e: Incorporating comments - 6

[w3c/webauthn] ca4cf0: Rename MakePublicKeyCredentialOptions to PublicKey...

[w3c/webauthn] cac111: Un-hardcode step numbers in RP operations

[w3c/webauthn] cb2fa0: Built by Travis-CI: a92321efe4dea6077137295ea7d05b...

[w3c/webauthn] cdf234: added reference to the Standard Attestation Struct...

[w3c/webauthn] d1e2d1: added reference for TPMS_CERTIFY_INFO

[w3c/webauthn] d56d1e: fix 746: uniformly define attestation type short i...

[w3c/webauthn] d6b988: Built by Travis-CI: 5124c6106cad3798d28b0fde634ce4...

[w3c/webauthn] d77acb: Update index.bs

[w3c/webauthn] db4ed3: Built by Travis-CI: d56d1e76b9e27b182c7dc1909d4eb8...

[w3c/webauthn] e192c3: Un-hardcode step numbers in RP operations

[w3c/webauthn] e24987: Built by Travis-CI: c18a1387026b51b3d33d19a12d49cd...

[w3c/webauthn] e3c1ad: fix RP reg op inter-step refs (#795)

[w3c/webauthn] ec4921: Clarify that ECDSA is ASN.1 DER format

[w3c/webauthn] f0224a: Update CDDL to reflect packed, self-attestation.

[w3c/webauthn] f0ad6c: Address review comments by @equalsJeffH

[w3c/webauthn] f13bbc: Exception for ECDSA for consistency

[w3c/webauthn] f13e03: fix #658: add user cancelled operation Note (#760)

[w3c/webauthn] f41cf8: Tpm attestation fields clarification (#791)

[w3c/webauthn] fea840: add discusion of authnr selection to authnr model ...

[webauthn] Add CDDL to every extension

[webauthn] Add instructions for passing unknown extensions to authenticators

[webauthn] Add non-ASCII RP display name example

[webauthn] added reference for TCG-CMCProfile-AIKCertEnroll

[webauthn] Adding CDDL to txAuthSimple

[webauthn] adopt consistent terms for RP server-side and client-side components

[webauthn] agl doesn't understand extensions

[webauthn] assertionChallenge recommendations

[webauthn] attestation type identifiers and their use is only implicitly defined

[webauthn] Authenticator session not possible for BLE

[webauthn] Biometric Criteria Extension

[webauthn] Change from getClientExtensionResults function to clientExtensionResults attribute

[webauthn] Change Subject-C type from UTF8String to PrintableString

[webauthn] clarify "authenticator model": RPs may perform feature-based authenticator selection

[webauthn] Clarify byte size requirements for UVI

[webauthn] Clarify how RP should verify extension outputs

[webauthn] Closed Pull Request: added reference for TCG-CMCProfile-AIKCertEnroll

[webauthn] Closed Pull Request: Fix #712: Refer to the JSON object as %JSON%

[webauthn] Closed Pull Request: hmac-secret extension

[webauthn] Closed Pull Request: Location extension corrections

[webauthn] Closed Pull Request: Update session management for BT

[webauthn] Consider using "parse JSON from bytes"

[webauthn] Create an Explainer document

[webauthn] Define actions for “none” attestation.

[webauthn] Describe how authenticators unique and find credential sources.

[webauthn] Display name content rules?

[webauthn] document why only "valid domain" format is allowed for "effective domain"

[webauthn] Document wide review

[webauthn] ECDAA verification algorithm in TPM Attestation Statement Format

[webauthn] Editorial changes from PR #718

[webauthn] Ensure hard-coded step references in RP ops are correct

[webauthn] Examples should include non-ASCII [editorial]

[webauthn] fix #204: factor makeCred into reg & authn priv considerations

[webauthn] fix #658: add user cancelled operation Note

[webauthn] Fix #668: Recommend RPs to verify UP and UV flags

[webauthn] Fix #712: Refer to the JSON object as %JSON%

[webauthn] Fix #713: Refer JSON deserialization to Infra spec

[webauthn] fix #792: use utf 8 decode directly

[webauthn] fix #794: RP registration operation inter-step refs

[webauthn] fix 645: add discusion of authnr selection to authnr model intro

[webauthn] fix 745: remove self attstn from U2F attstn format

[webauthn] fix 746: uniformly define attestation type short identifiers

[webauthn] Fix feature detection.

[webauthn] Fix outdated step references in RP registration algorithm

[webauthn] follow Bluetooth and NFC brand usage guidance

[webauthn] hardcoded step refs in #registering-a-new-credential are incorrect

[webauthn] hmac-secret extension

[webauthn] Images not visible in published spec

[webauthn] Include Constants for COSE Algorithm Numbers

[webauthn] JSON deserialization is not defined

[webauthn] JSON-serialized client data is wrong

[webauthn] Justify differences in TPM Attestation Verification procedures in WebAuthn versus TCG specifications

[webauthn] Mention FIDO transports extension in X.509 cert requirements?

[webauthn] Merge {#sample-scenarios} section with the {#usecase} section

[webauthn] Merged Pull Request: Add instructions for passing unknown extensions to authenticators

[webauthn] Merged Pull Request: Adding CDDL to txAuthSimple

[webauthn] Merged Pull Request: Align wording between first and second paragraphs in section 9.5

[webauthn] Merged Pull Request: Biometric Criteria Extension

[webauthn] Merged Pull Request: Change from getClientExtensionResults function to clientExtensionResults attribute

[webauthn] Merged Pull Request: Change Subject-C type from UTF8String to PrintableString

[webauthn] Merged Pull Request: Change uses of acme.com to example.com

[webauthn] Merged Pull Request: CTAP2 definition fix

[webauthn] Merged Pull Request: Define actions for “none” attestation.

[webauthn] Merged Pull Request: Describe how authenticators unique and find credential sources.

[webauthn] Merged Pull Request: Editorial changes from PR #718

[webauthn] Merged Pull Request: fix #204: factor makeCred into reg & authn priv considerations

[webauthn] Merged Pull Request: fix #658: add user cancelled operation Note

[webauthn] Merged Pull Request: Fix #668: Recommend RPs to verify UP and UV flags

[webauthn] Merged Pull Request: Fix #713: Refer JSON deserialization to Infra spec

[webauthn] Merged Pull Request: fix #792: use utf 8 decode directly

[webauthn] Merged Pull Request: fix #794: RP registration operation inter-step refs

[webauthn] Merged Pull Request: fix 645: add discusion of authnr selection to authnr model intro

[webauthn] Merged Pull Request: fix 745: remove self attstn from U2F attstn format

[webauthn] Merged Pull Request: fix 746: uniformly define attestation type short identifiers

[webauthn] Merged Pull Request: Fix feature detection.

[webauthn] Merged Pull Request: Fix outdated step references in RP registration algorithm

[webauthn] Merged Pull Request: Make IANA COSE Algorithms values TBD with requested assignments

[webauthn] Merged Pull Request: Plumb CTAP's authorized "already registered" error through to RP

[webauthn] Merged Pull Request: PR #763 untangled: Add consideration of browser permissions framework for extension processing

[webauthn] Merged Pull Request: Remove clientExtensions and authenticatorExtensions from CollectedClientData

[webauthn] Merged Pull Request: Rename MakePublicKeyCredentialOptions to PublicKeyCredentialCreateOptions

[webauthn] Merged Pull Request: renamed authenticator-model to sctn-authenticator-model

[webauthn] Merged Pull Request: Revert clientExtensionResults attribute back to getClientExtensionResults function

[webauthn] Merged Pull Request: Revise §9.5. "Authenticator extension processing"

[webauthn] Merged Pull Request: Signature field clarification in attestation statement

[webauthn] Merged Pull Request: Spelling and grammar corrections

[webauthn] Merged Pull Request: Switch |tokenBindingId| to a structure.

[webauthn] Merged Pull Request: Tpm attestation fields clarification

[webauthn] Merged Pull Request: Update CDDL to reflect packed, self-attestation.

[webauthn] Merged Pull Request: update masthead and acknowledgements

[webauthn] Merged Pull Request: Updates for draft-hodges-webauthn-registries-01

[webauthn] new commits pushed by agl

[webauthn] new commits pushed by akshayku

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by gmandyam

[webauthn] new commits pushed by nadalin

[webauthn] new commits pushed by rlin1

[webauthn] new commits pushed by selfissued

[webauthn] new commits pushed by WebAuthnBot

[webauthn] note that "credential public key" is the same as "user's public key"

[webauthn] Packed and U2F Attestation Statements' verifications don't differentiate between Basic and Privacy CA Attestation Types

[webauthn] Plumb CTAP's authorized "already registered" error through to RP

[webauthn] PR #763 untangled: Add consideration of browser permissions framework for extension processing

[webauthn] Privacy across Account IDs

[webauthn] Processing extensions as JSON

[webauthn] providing info about authenticator availability / attachments

[webauthn] Pull Request: Add instructions for passing unknown extensions to authenticators

[webauthn] Pull Request: Add non-ASCII RP display name example

[webauthn] Pull Request: added reference for TCG-CMCProfile-AIKCertEnroll

[webauthn] Pull Request: Align wording between first and second paragraphs in section 9.5

[webauthn] Pull Request: Change from getClientExtensionResults function to clientExtensionResults attribute

[webauthn] Pull Request: Change Subject-C type from UTF8String to PrintableString

[webauthn] Pull Request: Change uses of acme.com to example.com

[webauthn] Pull Request: CTAP2 definition fix

[webauthn] Pull Request: fix #204: factor makeCred into reg & authn priv considerations

[webauthn] Pull Request: Fix #712: Refer to the JSON object as %JSON%

[webauthn] Pull Request: Fix #713: Refer JSON deserialization to Infra spec

[webauthn] Pull Request: fix #792: use utf 8 decode directly

[webauthn] Pull Request: fix #794: RP registration operation inter-step refs

[webauthn] Pull Request: fix 645: add discusion of authnr selection to authnr model intro

[webauthn] Pull Request: fix 745: remove self attstn from U2F attstn format

[webauthn] Pull Request: fix 746: uniformly define attestation type short identifiers

[webauthn] Pull Request: Fix feature detection.

[webauthn] Pull Request: hmac-secret extension

[webauthn] Pull Request: Location extension corrections

[webauthn] Pull Request: Make IANA COSE Algorithms values TBD with requested assignments

[webauthn] Pull Request: Plumb CTAP's authorized "already registered" error through to RP

[webauthn] Pull Request: Remove clientExtensions and authenticatorExtensions from CollectedClientData

[webauthn] Pull Request: Rename MakePublicKeyCredentialOptions to PublicKeyCredentialCreateOptions

[webauthn] Pull Request: renamed authenticator-model to sctn-authenticator-model

[webauthn] Pull Request: Revert clientExtensionResults attribute back to getClientExtensionResults function

[webauthn] Pull Request: Revise §9.5. "Authenticator extension processing"

[webauthn] Pull Request: Signature field clarification in attestation statement

[webauthn] Pull Request: Spelling and grammar corrections

[webauthn] Pull Request: Switch |tokenBindingId| to a structure.

[webauthn] Pull Request: Tpm attestation fields clarification

[webauthn] Pull Request: Updates for draft-hodges-webauthn-registries-01

[webauthn] Pull Request: UVI modification with CDDL

[webauthn] Random prefixes to reduce hash requirement of RSA+SHA-1 to TCR

[webauthn] reference "UTF-8 decode" directly rather than "parse JSON from bytes"

[webauthn] reference TCG-CMCProfile-AIKCertEnroll missing.

[webauthn] Remove clientExtensions and authenticatorExtensions from CollectedClientData

[webauthn] Rename MakePublicKeyCredentialOptions to PublicKeyCredentialCreateOptions

[webauthn] Rename MakePublicKeyCredentialOptions?

[webauthn] Replace Authenticator Model with CTAP

[webauthn] Revert clientExtensionResults attribute back to getClientExtensionResults function

[webauthn] Revert location extension back to approved PR's

[webauthn] Revise §9.5. "Authenticator extension processing"

[webauthn] RP guidelines should allow RP to not check attestation

[webauthn] RPs cannot show "You've Already Registered This Authenticator" Message

[webauthn] s/CTAP canonical CBOR/CTAP2 canonical CBOR/g

[webauthn] Signature field clarification in attestation statement

[webauthn] Signature format needs to be defined

[webauthn] Spelling and grammar corrections

[webauthn] Subject-C type in packed cert requirements is incorrect

[webauthn] Switch |tokenBindingId| to a structure.

[webauthn] TokenBindingId value doesn't permit the U2F "unsued"

[webauthn] TokenBindingId value doesn't permit the U2F "unused" value

[webauthn] Tpm attestation fields clarification

[webauthn] Transaction authorization extensions are registration and authentication extension?

[webauthn] U2F Attestation Statement Format does not define "self attestation" steps

[webauthn] Update CDDL to reflect packed, self-attestation.

[webauthn] update extensions framework to include interfacing with user agent permissions framework

[webauthn] update masthead and acknowledgements

[webauthn] Update session management for BT

[webauthn] What's this SPEC for?

[webauthn] Why is the Token Binding ID a base64url encoded DOMString rather than an ArrayBuffer?

[webauthn] §9.5. "Authenticator extension processing" is ambiguous

administrivia: Candidate Recommendation and Last Working Draft

AW: [webauthn] Update session management for BT

Closed: [webauthn] Add CDDL to every extension

Closed: [webauthn] agl doesn't understand extensions

Closed: [webauthn] attestation type identifiers and their use is only implicitly defined

Closed: [webauthn] Authenticator session not possible for BLE

Closed: [webauthn] clarify "authenticator model": RPs may perform feature-based authenticator selection

Closed: [webauthn] Clarify how RP should verify extension outputs

Closed: [webauthn] CTAP/U2F doesn't status indicating the user cancelled the operation

Closed: [webauthn] define "blinding"

Closed: [webauthn] follow Bluetooth and NFC brand usage guidance

Closed: [webauthn] hardcoded step refs in #registering-a-new-credential are incorrect

Closed: [webauthn] Images not visible in published spec

Closed: [webauthn] Include Constants for COSE Algorithm Numbers

Closed: [webauthn] JSON deserialization is not defined

Closed: [webauthn] Justify differences in TPM Attestation Verification procedures in WebAuthn versus TCG specifications

Closed: [webauthn] Mention FIDO transports extension in X.509 cert requirements?

Closed: [webauthn] Packed and U2F Attestation Statements' verifications don't differentiate between Basic and Privacy CA Attestation Types

Closed: [webauthn] Privacy across Account IDs

Closed: [webauthn] Processing extensions as JSON

Closed: [webauthn] Random prefixes to reduce hash requirement of RSA+SHA-1 to TCR

Closed: [webauthn] Recommend RPs to verify UP and UV flags

Closed: [webauthn] reference "UTF-8 decode" directly rather than "parse JSON from bytes"

Closed: [webauthn] reference TCG-CMCProfile-AIKCertEnroll missing.

Closed: [webauthn] Rename MakePublicKeyCredentialOptions?

Closed: [webauthn] Replace Authenticator Model with CTAP

Closed: [webauthn] Revert location extension back to approved PR's

Closed: [webauthn] RPs cannot show "You've Already Registered This Authenticator" Message

Closed: [webauthn] s/CTAP canonical CBOR/CTAP2 canonical CBOR/g

Closed: [webauthn] Signature format needs to be defined

Closed: [webauthn] Subject-C type in packed cert requirements is incorrect

Closed: [webauthn] TokenBindingId value doesn't permit the U2F "unused" value

Closed: [webauthn] U2F Attestation Statement Format does not define "self attestation" steps

Closed: [webauthn] UAs can't pass unknown extensions to authenticators

Closed: [webauthn] update extensions framework to include interfacing with user agent permissions framework

Closed: [webauthn] What's this SPEC for?

Closed: [webauthn] Why is the Token Binding ID a base64url encoded DOMString rather than an ArrayBuffer?

Closed: [webauthn] §9.5. "Authenticator extension processing" is ambiguous

FYI - TravisCI keeps getting disabled

fyi: Intent to Implement and ship: aligning U2F attestation with webauthn

fyi: Intent to Ship: Web Authentication

how to generate diff for webauthn specs?

Milestone reached

New Version Notification for draft-hodges-webauthn-registries-01.txt

Regrets for 02/14/2018 W3C Web Authentication WG Meeting

untriaged issues & PRs ?

Last message date: Wednesday, 28 February 2018 22:59:41 UTC