[webauthn] new commits pushed by emlun

• From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
• Date: Thu, 11 Jan 2018 19:38:49 +0000
• To: public-webauthn@w3.org
• Message-ID: <push-8ee452ce488fd54bbd2ea1018422ef31d321307b-1515699528-sysbot+gh@w3.org>

The following commits were just pushed by emlun to https://github.com/w3c/webauthn:

* Clarify PublicKeyCredentialEntity name descriptions

This resolves #622. This also changes some display name examples to
include non-ASCII characters.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/8cdeac8e52a0b21688fdd429fafb43a8dc2b445d

* Drop user.name uniqueness recommendation
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/be5143fb9d5f50c056a95f1ab358307c5a9df4d4

* Merge branch 'master' into issue-622
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/343b89d8a64e81920133c1df25515d769528a959

* Partially address review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/819b77a0be534ff0dc4e6754893dcbd0bd9c05de

* Change link target for [=username=]
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1f8e10ce3d47aabf9df84007f6b6d04766008c41

* Address review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/7508d60780468ae570d93e4a95bb350f13fd686b

* Extract formal definition of Human Palatability
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/64b728e13e4ea65e1b13045baf52b677cf8ed345

* Rework the FIDO AppID extension.

This change clarifies the the behaviour of the `appid` client extension
and removes the client extension output.

Fixes #491.
  by Adam Langley
https://github.com/w3c/webauthn/commit/b631dc5613ca267066f6cf6ab83f66f1a19b349f

* Don't say user handle is optional in Public Key Credential Source definition

This resolves #720.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/d448eb3a2da0b5682cdf98c10c6a3ee5d399d667

* Reference EduPerson for definition of Human Palatability
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1904e734025fd9262669e69b42b6745f7da63d2b

* Don't return user handle in getAssertion in 2nd factor mode

As stated in
https://github.com/w3c/webauthn/pull/558#issuecomment-331537953 and
https://github.com/w3c/webauthn/pull/558#issuecomment-330592503 the user
handle should not be returned when operating in 2nd factor mode (i.e.,
when given a non-empty `allowCredentials` list).
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/3b2a1d141cbd8f2954f073a6b6598d954398a986

* Respond to PR comments.
  by Adam Langley
https://github.com/w3c/webauthn/commit/ba0f730e3ef2fdbad0d242bddec5e08f3ad45b47

* Address review comments by @akshayku
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/3938fc136da36ba518809b7ba9df476360173cf0

* CTAP alignment: Make storing user handle optional for non-resident keys

CTAP's [authenticatorMakeCredential][1] method stores the `user`
parameter only for resident credentials.

[1]: https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html#h3_authenticatorMakeCredential
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/609d28a34bc5ff9b96c10f17db308268f9aa4ec5

* Revert "Don't say user handle is optional in Public Key Credential Source definition"

This reverts commit d448eb3a2da0b5682cdf98c10c6a3ee5d399d667.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/684581f714e3a4c10f07f63db5233751e9bbf3a2

* add 'Dictionary' to Credential{Creation,Request}Options section titles
  by JeffH
https://github.com/w3c/webauthn/commit/8b1b3da69e1e0ce4adda44b7fa21e3a1e47966a3

* Address one of @equalsJeffH's review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f3e8afbad0d20ede932bb483be9e91ed01df1b6f

* Merge pull request #734 from w3c/jeffh-fix-497-dict-extension-titles

fix #497: add 'Dictionary' to Credential{Creation,Request}Options section titles
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/950f574888860152a8ae5b4921d4675a269363d3

* fix #455: we are using CTAP canonical CBOR encoding form everywhere (#731)

* fix #455: we are using CTAP canonical CBOR encoding form everywhere

* incorp akshayku's comment, thx!
  by =JeffH
https://github.com/w3c/webauthn/commit/7be2d3df6c938a85cdd2c01b40dfdaf3e58c3d63

* Merge pull request #730 from w3c/issue-720-user-handle-optional

Fix #720: Align user handle management with CTAP
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/5948f3bea8d5ae5fd7137dadce20b1c3e267d6e5

* Merge branch 'master' into issue-622
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/432e531a7aa50013725964d6a0464113c7f8ba9e

* Merge pull request #666 from emlun/issue-622

Merging as decided on 2018-01-03 WG call.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/35b730be6d0e3db254db61f73c3a9dc2e602ddb4

* Merge branch 'master' into issue491
  by Adam Langley
https://github.com/w3c/webauthn/commit/9c6ad1e18bb8aa1dc8b28fb417bcab5f11358f08

* Link “assertion”, as requested by Jeff.
  by Adam Langley
https://github.com/w3c/webauthn/commit/6c9d5295ffee0a3820b8d387de3312521ffc8041

* Merge pull request #723 from agl/issue491

Rework the FIDO AppID extension.
  by Adam Langley
https://github.com/w3c/webauthn/commit/0ed625785d7d8c01cc43a1d3910034a0ff49141a

* Normalize RFC2119 langugage (#470)

* Normalize RFC langugages

* Minor tweak to not accidentally change things

* update based on review

* fixed travis build issue
  by Angelo Liao
https://github.com/w3c/webauthn/commit/3cfaeba5be63850c23231fa220e8b5592bfd62ed

* fix #322: flesh out Security Considerations (for now) (#705)

merging this per discussion on today's webauthn call.  @agl & @leshi: please submit discrete issues for the items you identified above. thx. 

commits:
* consolidate sec cons sections, create priv cons

* update FIDOSecRef URL to point to latest rev

* add FIDOAuthnrSecReqs ref, minor editorials

* expand WebAuthn client dfn, compose sec cons intro ref'g FIDOSecRef and FIDOAuthnrSecReqs

* fix AttestationNotPrivateError linking error, thx angelokai!

* fix [[DiscoverFromExternalSource]] link error, thx AngeloKai!

* address emlun's feedback, thx!

* merge from master and fix conflicts
  by =JeffH
https://github.com/w3c/webauthn/commit/c64bdaf2f6b026369729e553b6008d4830e61993

* Changed uses of JSON string to USVString (#739)
  by Mike Jones
https://github.com/w3c/webauthn/commit/ade832157979451f8e69367f0d5749a939ec2aef

* Merge branch 'master' into issue-184
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f7bc2f865e7b8c7689084a00c4cb501e7ad20b4c

* Fix typo
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/8ee452ce488fd54bbd2ea1018422ef31d321307b

Received on Thursday, 11 January 2018 19:38:52 UTC