07/04/2018 W3C Web Authentication WG Meeting Agenda - Meeting cancelled
07/11/2018 W3C Web Authentication WG Meeting Agenda
07/18/2018 W3C Web Authentication WG Meeting Agenda
07/25/2018 W3C Web Authentication WG Meeting Agenda
[w3c/webauthn]
- GitHub (Thursday, 26 July)
- GitHub (Wednesday, 25 July)
- GitHub (Wednesday, 25 July)
- GitHub (Wednesday, 25 July)
- GitHub (Wednesday, 18 July)
- GitHub (Wednesday, 18 July)
- GitHub (Wednesday, 18 July)
- GitHub (Wednesday, 18 July)
- GitHub (Thursday, 12 July)
- GitHub (Wednesday, 11 July)
- GitHub (Wednesday, 11 July)
- GitHub (Wednesday, 11 July)
- GitHub (Wednesday, 11 July)
- GitHub (Monday, 9 July)
- GitHub (Friday, 6 July)
- GitHub (Friday, 6 July)
[w3c/webauthn] 010874: Replace Client-side-resident Credential Private Ke...
[w3c/webauthn] 0a4120: Remove undefined macro reference [RP ID]
[w3c/webauthn] 0c0c79: Built by Travis-CI: f864d09715352ba30390664aa42518...
[w3c/webauthn] 0f3802: fix #939 add intro abort lang to getAssn (#1006)
[w3c/webauthn] 11ffca: Built by Travis-CI: 9033fc6fccd602c3705a43927e11b5...
[w3c/webauthn] 12e5fb: Add term Client Platform
[w3c/webauthn] 1e3241: Add link to "attachment modality" reference
[w3c/webauthn] 1f70ea: Built by Travis-CI: 2154486d6af399c3bcbd62a3096213...
[w3c/webauthn] 243e72: update acks (#1013)
[w3c/webauthn] 249d60: Built by Travis-CI: 741cef6e2ce342e700b03662f688ef...
[w3c/webauthn] 25b0ff: Built by Travis-CI: 8b0eb719f2061d6d1d7c74a3677884...
[w3c/webauthn] 265fd3: Remove draft of use case descriptions
[w3c/webauthn] 280494: Colocate <dfn> of Client with WebAuthn Client
[w3c/webauthn] 2abe4c: Rewrite Authenticator taxonomy section introductio...
[w3c/webauthn] 2b1680: fix 985 add abort path to createCredential alg
[w3c/webauthn] 321e80: Add recommendation of scoping platform credentials...
[w3c/webauthn] 369e2c: Built by Travis-CI: 9033fc6fccd602c3705a43927e11b5...
[w3c/webauthn] 38f9d8: Built by Travis-CI: a0d84c1f4c470251453fef8e4171b8...
[w3c/webauthn] 397912: fix #939 add intro abort lang to getAssn
[w3c/webauthn] 3c4c8e: Built by Travis-CI: 0f38025c4acdd36f1e595432ac30aa...
[w3c/webauthn] 3cc531: Built by Travis-CI: 8d6b9ac209154be39fa6e08bb8e80f...
[w3c/webauthn] 414651: Built by Travis-CI: faee219e5bc1b9ceb8c83ccdb316d2...
[w3c/webauthn] 4580bd: fix 985 add abort path to createCredential alg (#1...
[w3c/webauthn] 46d1fd: Remove now unused image file
[w3c/webauthn] 4a2dd4: fix #180: do not totally lose the term "WebAuthn R...
[w3c/webauthn] 4ddc3c: add presentation admonition wrt name-ish strings
[w3c/webauthn] 4df371: Built by Travis-CI: 243e72f84a35f7d2774dbfbc8da58e...
[w3c/webauthn] 4e9893: Built by Travis-CI: 005ec66866c2f3329f6c780a9351df...
[w3c/webauthn] 50f0f6: Built by Travis-CI: a0d84c1f4c470251453fef8e4171b8...
[w3c/webauthn] 564198: Built by Travis-CI: 7159c08b280b82a9a8d00d35212470...
[w3c/webauthn] 564fa0: renumber figure references
[w3c/webauthn] 617d83: Built by Travis-CI: 81e8056e275eed52606b7eb406ee42...
[w3c/webauthn] 62cdb5: Clarify behaviour for authnrs not implementing sig...
[w3c/webauthn] 62d97b: Remove old references to deleted use case descript...
[w3c/webauthn] 66d00c: Built by Travis-CI: ca80875c6dc6b6f0eb3f4a02f39774...
[w3c/webauthn] 671666: Built by Travis-CI: 005ec66866c2f3329f6c780a9351df...
[w3c/webauthn] 671ba7: Built by Travis-CI: 243e72f84a35f7d2774dbfbc8da58e...
[w3c/webauthn] 699c58: Revert "Add Issue: pointing out that Authenticator...
[w3c/webauthn] 6a6bf4: add domain-only rationale in two places (#975)
[w3c/webauthn] 6da4bb: Built by Travis-CI: 321e805b763bc86ff996403da6bfd1...
[w3c/webauthn] 6eb470: fix #24: add reg & authn flow diagrams, thanks apo...
[w3c/webauthn] 71da52: polish
[w3c/webauthn] 768368: Fix spelling mistake
[w3c/webauthn] 770991: fix 864: Note regarding CTAP2 integer keys vs weba...
[w3c/webauthn] 791957: Built by Travis-CI: 8b0eb719f2061d6d1d7c74a3677884...
[w3c/webauthn] 7958a9: Built by Travis-CI: fe09a70a41372690257fa3730a6dc8...
[w3c/webauthn] 8161da: Built by Travis-CI: 81e8056e275eed52606b7eb406ee42...
[w3c/webauthn] 81e805: fix #24: add reg & authn flow diagrams (#1007)
[w3c/webauthn] 862f42: Replace local/remote storage terms with client/ser...
[w3c/webauthn] 87d5ec: Built by Travis-CI: a96110e1d087a09dada43ceb7fe5a6...
[w3c/webauthn] 8a75d7: Built by Travis-CI: 321e805b763bc86ff996403da6bfd1...
[w3c/webauthn] 8b0eb7: Precisize "platform" and "device" terminology (#99...
[w3c/webauthn] 8babb6: Address @selfissued's review comments
[w3c/webauthn] 8c453c: Built by Travis-CI: 6a6bf465c54a8ad4737c8064587b66...
[w3c/webauthn] 8f2767: remove inapprop phrase and link some terms
[w3c/webauthn] 9033fc: fix 364 timeout reasonable range (#971)
[w3c/webauthn] 905de0: Disambiguate appid extension output behaviour
[w3c/webauthn] 911864: Make transaction authorization extensions authenti...
[w3c/webauthn] 91d059: Built by Travis-CI: fe09a70a41372690257fa3730a6dc8...
[w3c/webauthn] 96ba75: Fully qualify modality terms
[w3c/webauthn] 9b04d6: Built by Travis-CI: 2154486d6af399c3bcbd62a3096213...
[w3c/webauthn] 9c34ec: Built by Travis-CI: bf4dbab0541a445b79bcf20f38ccd6...
[w3c/webauthn] 9dbcd9: fix #1015 FAR should be FRR
[w3c/webauthn] a0a995: Built by Travis-CI: 7159c08b280b82a9a8d00d35212470...
[w3c/webauthn] a0d84c: fix 933: authnr does not enforce RP ID being eTLD+...
[w3c/webauthn] a0dd8d: Built by Travis-CI: 7e5256f6f564fa99f68e4512340214...
[w3c/webauthn] a96110: fix #866: clarify sentence wrt challenges (#977)
[w3c/webauthn] ab9140: Built by Travis-CI: faee219e5bc1b9ceb8c83ccdb316d2...
[w3c/webauthn] acb0f6: fix #712 JSON-serialized client data is wrong
[w3c/webauthn] ada317: Expand OS acronym in section title
[w3c/webauthn] ae7502: Built by Travis-CI: 7709911ace404df7f6d01151cdef10...
[w3c/webauthn] b4b0d1: Built by Travis-CI: 4a2dd437f11fd5802560c64e3615bc...
[w3c/webauthn] b9e873: Built by Travis-CI: 7709911ace404df7f6d01151cdef10...
[w3c/webauthn] ba407b: Built by Travis-CI: f864d09715352ba30390664aa42518...
[w3c/webauthn] bc1589: Add caption and number to authenticator types tabl...
[w3c/webauthn] bc25ca: Built by Travis-CI: 4a2dd437f11fd5802560c64e3615bc...
[w3c/webauthn] bcad9c: Built by Travis-CI: 0f38025c4acdd36f1e595432ac30aa...
[w3c/webauthn] cc7aff: Built by Travis-CI: a96110e1d087a09dada43ceb7fe5a6...
[w3c/webauthn] d45d8f: Add table numbers and captions
[w3c/webauthn] d95918: Address review comments
[w3c/webauthn] dcb394: Built by Travis-CI: ca80875c6dc6b6f0eb3f4a02f39774...
[w3c/webauthn] e132d0: Add recommendation of scoping platform credentials...
[w3c/webauthn] e243c2: revise RP ID definition and Note (#970)
[w3c/webauthn] e59483: fix 864: added Note
[w3c/webauthn] e949d5: Built by Travis-CI: 7e5256f6f564fa99f68e4512340214...
[w3c/webauthn] e95d78: update acks
[w3c/webauthn] eb5a10: Built by Travis-CI: 6a6bf465c54a8ad4737c8064587b66...
[w3c/webauthn] ed3abe: Add two abort paths for getting an assertion.
[w3c/webauthn] f749dc: 'client' rather than 'client platform'
[w3c/webauthn] f864d0: Fix #593: employ PRECIS RFC8264 et al for 'name'-i...
[w3c/webauthn] fe09a7: fix #493: be explicit about "same user" is verifie...
[w3c/webauthn] ffcd4d: Built by Travis-CI: 8d6b9ac209154be39fa6e08bb8e80f...
[webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way
- =JeffH via GitHub (Tuesday, 24 July)
- Boris Zbarsky via GitHub (Friday, 13 July)
- =JeffH via GitHub (Friday, 13 July)
- Boris Zbarsky via GitHub (Friday, 13 July)
- =JeffH via GitHub (Friday, 13 July)
- Emil Lundberg via GitHub (Thursday, 12 July)
- =JeffH via GitHub (Monday, 9 July)
- Boris Zbarsky via GitHub (Monday, 9 July)
- =JeffH via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Boris Zbarsky via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Boris Zbarsky via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Boris Zbarsky via GitHub (Friday, 6 July)
- Boris Zbarsky via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- Boris Zbarsky via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Boris Zbarsky via GitHub (Monday, 2 July)
- =JeffH via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
[webauthn] `publicKey` member name in `CredentialCreationRequestOptions` should be `"public-key"`, or vice-versa?
[webauthn] add abort path to createCredential alg to match that added to getAssertion alg
[webauthn] add captions for tables and id attrs so we can link to them
[webauthn] Add recommendation of scoping platform credentials to OS accounts
[webauthn] Add table numbers and captions
[webauthn] Add two abort paths for getting an assertion
[webauthn] Allow clients to stop the `get` flow when certain conditions are met
[webauthn] AppID extension: protocol version number?
[webauthn] Authenticator selection extension needs to define snapshotting behavior
[webauthn] Authenticator taxonomy: Attachment modality (replaces #842)
[webauthn] Authenticator taxonomy: Authenticator types
[webauthn] authenticatorGetAssertion has no ConstraintError step for requireUserVerification
[webauthn] Bad instructions in Android SafetyNet attestation validation steps
[webauthn] bikeshed now catching existing lint in master->index.bs
[webauthn] Clarification of valid prIdHash value requested in section 7 when using AppID extension
[webauthn] Clarify authenticator behaviour when not implementing signature counter
[webauthn] Clarify behaviour for authnrs not implementing signature counter
[webauthn] Clarify behaviour of rawId and id fields for resident key credentials
[webauthn] Clarify behaviour of rawId and id fields for residential key credentials
[webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
[webauthn] Closed Pull Request: Fix #593 - Refer to RFC 8266 for RP-controlled UI strings
[webauthn] Closed Pull Request: Remove undefined macro reference [RP ID]
[webauthn] Closed Pull Request: Removed old optional counter step to remove confusions
[webauthn] coalesce HTML references?
[webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
[webauthn] credential id privacy
[webauthn] Decoding TPM `certInfo` and `pubArea`?
[webauthn] Determining length of `attestedCredentialData` when authenticator extensions present.
[webauthn] Display name content rules?
[webauthn] Eliminate duplicate terminology
[webauthn] Explain how Token Binding IDs get associated with an HTML context.
[webauthn] fix #180: do not totally lose the term "WebAuthn Relying Party"
[webauthn] fix #24: add reg & authn flow diagrams
[webauthn] fix #493: be explicit about "same user" is verified at get() time as was verified at create() time
[webauthn] fix #517: add rationale wrt only "valid domain" format is allowed for "effective domain"
[webauthn] Fix #593 - Refer to RFC 8266 for RP-controlled UI strings
[webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
[webauthn] fix #866: clarify sentence wrt challenges
[webauthn] fix #939 add intro abort language to #getAssertion
[webauthn] fix 364 timeout reasonable range
[webauthn] fix 864: Note regarding CTAP2 integer keys vs webauthn string keys
[webauthn] fix 985 add abort path to createCredential alg
[webauthn] Indicate resident key credential "preferred" during registration and find out what the authenticator offered
[webauthn] Integrate with Feature Policy and define Feature-Identifier value for WebAuthn
[webauthn] JSON-serialized client data is wrong
[webauthn] Make transaction authorization extensions authentication exts only
[webauthn] Merged Pull Request: Add recommendation of scoping platform credentials to OS accounts
[webauthn] Merged Pull Request: Add table numbers and captions
[webauthn] Merged Pull Request: Add two abort paths for getting an assertion
[webauthn] Merged Pull Request: Authenticator taxonomy: Attachment modality (replaces #842)
[webauthn] Merged Pull Request: Authenticator taxonomy: Authenticator types
[webauthn] Merged Pull Request: Clarify behaviour for authnrs not implementing signature counter
[webauthn] Merged Pull Request: Disambiguate appid extension output behaviour
[webauthn] Merged Pull Request: fix #180: do not totally lose the term "WebAuthn Relying Party"
[webauthn] Merged Pull Request: fix #24: add reg & authn flow diagrams
[webauthn] Merged Pull Request: fix #493: be explicit about "same user" is verified at get() time as was verified at create() time
[webauthn] Merged Pull Request: fix #517: add rationale wrt only "valid domain" format is allowed for "effective domain"
[webauthn] Merged Pull Request: Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
[webauthn] Merged Pull Request: fix #866: clarify sentence wrt challenges
[webauthn] Merged Pull Request: fix #939 add intro abort language to #getAssertion
[webauthn] Merged Pull Request: fix 364 timeout reasonable range
[webauthn] Merged Pull Request: fix 864: Note regarding CTAP2 integer keys vs webauthn string keys
[webauthn] Merged Pull Request: fix 933: authnr does not enforce RP ID being eTLD+1 of RP's origin
[webauthn] Merged Pull Request: fix 985 add abort path to createCredential alg
[webauthn] Merged Pull Request: Make transaction authorization extensions authentication exts only
[webauthn] Merged Pull Request: Precisize "platform" and "device" terminology
[webauthn] Merged Pull Request: Replace local/remote storage terms with client/server side
[webauthn] Merged Pull Request: Replace resident key terminology as proposed in #905
[webauthn] Merged Pull Request: update acks
[webauthn] Minor typo - FAR should be FRR
[webauthn] Minor typo in Android Key Attestation Format
[webauthn] MUST authenticators still perform self attestation?
[webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
[webauthn] new commits pushed by agl
[webauthn] new commits pushed by emlun
- Emil Lundberg via GitHub (Wednesday, 25 July)
- Emil Lundberg via GitHub (Wednesday, 25 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Wednesday, 18 July)
- Emil Lundberg via GitHub (Monday, 16 July)
- Emil Lundberg via GitHub (Friday, 13 July)
- Emil Lundberg via GitHub (Thursday, 12 July)
- Emil Lundberg via GitHub (Thursday, 12 July)
- Emil Lundberg via GitHub (Thursday, 12 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Friday, 6 July)
- Emil Lundberg via GitHub (Friday, 6 July)
- Emil Lundberg via GitHub (Wednesday, 4 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
- Emil Lundberg via GitHub (Monday, 2 July)
[webauthn] new commits pushed by equalsJeffH
- =JeffH via GitHub (Friday, 27 July)
- =JeffH via GitHub (Friday, 27 July)
- =JeffH via GitHub (Thursday, 26 July)
- =JeffH via GitHub (Wednesday, 25 July)
- =JeffH via GitHub (Wednesday, 25 July)
- =JeffH via GitHub (Wednesday, 25 July)
- =JeffH via GitHub (Wednesday, 25 July)
- =JeffH via GitHub (Wednesday, 25 July)
- =JeffH via GitHub (Tuesday, 24 July)
- =JeffH via GitHub (Tuesday, 24 July)
- =JeffH via GitHub (Tuesday, 24 July)
- =JeffH via GitHub (Tuesday, 24 July)
- =JeffH via GitHub (Tuesday, 24 July)
- =JeffH via GitHub (Wednesday, 18 July)
- =JeffH via GitHub (Friday, 13 July)
- =JeffH via GitHub (Friday, 13 July)
- =JeffH via GitHub (Thursday, 12 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Tuesday, 10 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
- =JeffH via GitHub (Friday, 6 July)
[webauthn] new commits pushed by WebAuthnBot
- WebAuthnBot via GitHub (Thursday, 26 July)
- WebAuthnBot via GitHub (Thursday, 26 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Wednesday, 25 July)
- WebAuthnBot via GitHub (Tuesday, 24 July)
- WebAuthnBot via GitHub (Tuesday, 24 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Wednesday, 18 July)
- WebAuthnBot via GitHub (Tuesday, 17 July)
- WebAuthnBot via GitHub (Friday, 13 July)
- WebAuthnBot via GitHub (Friday, 13 July)
- WebAuthnBot via GitHub (Thursday, 12 July)
- WebAuthnBot via GitHub (Thursday, 12 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Wednesday, 11 July)
- WebAuthnBot via GitHub (Friday, 6 July)
- WebAuthnBot via GitHub (Friday, 6 July)
- WebAuthnBot via GitHub (Friday, 6 July)
- WebAuthnBot via GitHub (Friday, 6 July)
- WebAuthnBot via GitHub (Friday, 6 July)
- WebAuthnBot via GitHub (Friday, 6 July)
[webauthn] NULL or DOMException
[webauthn] Partial dictionaries for extension outputs may be incorrect use of WebIDL
[webauthn] Platform authenticators and key stores
[webauthn] Precisize "platform" and "device" terminology
[webauthn] Privacy across OS accounts
[webauthn] Propose SafetyNet as an extension
[webauthn] Public key rules for "packed" attestation type
[webauthn] Pull Request: Add recommendation of scoping platform credentials to OS accounts
[webauthn] Pull Request: Add table numbers and captions
[webauthn] Pull Request: Clarify behaviour for authnrs not implementing signature counter
[webauthn] Pull Request: Disambiguate appid extension output behaviour
[webauthn] Pull Request: fix #1015 FAR should be FRR
[webauthn] Pull Request: fix #24: add reg & authn flow diagrams
[webauthn] Pull Request: fix #712 JSON-serialized client data is wrong
[webauthn] Pull Request: fix #939 add intro abort language to #getAssertion
[webauthn] Pull Request: fix 864: Note regarding CTAP2 integer keys vs webauthn string keys
[webauthn] Pull Request: fix 933: authnr does not enforce RP ID being eTLD+1 of RP's origin
[webauthn] Pull Request: fix 985 add abort path to createCredential alg
[webauthn] Pull Request: Make transaction authorization extensions authentication exts only
[webauthn] Pull Request: Precisize "platform" and "device" terminology
[webauthn] Pull Request: Propose SafetyNet as an extension
[webauthn] Pull Request: Remove undefined macro reference [RP ID]
[webauthn] Pull Request: Removed old optional counter step to remove confusions
[webauthn] Pull Request: Replace local/remote storage terms with client/server side
[webauthn] Pull Request: Replace resident key terminology as proposed in #905
[webauthn] Pull Request: update acks
[webauthn] Pull Request: WIP: Authenticator taxonomy: Use cases
[webauthn] Recovering from Device Loss
[webauthn] Remove undefined macro reference [RP ID]
[webauthn] Removed old optional counter step to remove confusions
[webauthn] Replace resident key terminology as proposed in #905
[webauthn] Requesting ability to detect if there is an authenticator available which is capable of resident key credential
[webauthn] Revise same-origin as ancestor requirements
[webauthn] SafetyNet Attestation Clarifications
[webauthn] SafetyNet response as an extension
- gmandyam via GitHub (Thursday, 26 July)
- gmandyam via GitHub (Wednesday, 25 July)
- John Bradley via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
- Ackermann Yuriy via GitHub (Wednesday, 25 July)
- Ackermann Yuriy via GitHub (Wednesday, 25 July)
- John Bradley via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
- Adam Powers via GitHub (Wednesday, 25 July)
- Ackermann Yuriy via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
- Ackermann Yuriy via GitHub (Wednesday, 25 July)
- Ackermann Yuriy via GitHub (Wednesday, 25 July)
- gmandyam via GitHub (Wednesday, 25 July)
[webauthn] Security threat: Username enumeration
[webauthn] Sign counter alg 507 alternative: optional sig counter
[webauthn] some RPs may wish to allow multiple registrations to same user account
[webauthn] Tighten security scope by port
[webauthn] Transaction authorization extensions are registration and authentication extension?
[webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- Peter Saint-Andre via GitHub (Wednesday, 18 July)
- Addison Phillips via GitHub (Wednesday, 18 July)
- =JeffH via GitHub (Wednesday, 18 July)
- =JeffH via GitHub (Thursday, 12 July)
- Adam Langley via GitHub (Thursday, 12 July)
- asmusf via GitHub (Thursday, 12 July)
- =JeffH via GitHub (Wednesday, 11 July)
- Akshay Kumar via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Tuesday, 10 July)
- asmusf via GitHub (Monday, 9 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- asmusf via GitHub (Saturday, 7 July)
- asmusf via GitHub (Saturday, 7 July)
- Addison Phillips via GitHub (Friday, 6 July)
- Anthony Nadalin via GitHub (Thursday, 5 July)
[webauthn] What does "the extension was acted upon" mean for the AppID extension?
- Mike Jones via GitHub (Wednesday, 11 July)
- Akshay Kumar via GitHub (Wednesday, 11 July)
- Emil Lundberg via GitHub (Wednesday, 11 July)
- Akshay Kumar via GitHub (Wednesday, 11 July)
- =JeffH via GitHub (Tuesday, 10 July)
- Emil Lundberg via GitHub (Monday, 9 July)
- Adam Langley via GitHub (Tuesday, 3 July)
- Emil Lundberg via GitHub (Tuesday, 3 July)
- Adam Langley via GitHub (Tuesday, 3 July)
- Emil Lundberg via GitHub (Tuesday, 3 July)
- Emil Lundberg via GitHub (Tuesday, 3 July)
[webauthn] WIP: Authenticator taxonomy (replaces #842)
Closed: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
Closed: [webauthn] add abort path to createCredential alg to match that added to getAssertion alg
Closed: [webauthn] add captions for tables and id attrs so we can link to them
Closed: [webauthn] Allow clients to stop the `get` flow when certain conditions are met
Closed: [webauthn] authenticator taxonomy
Closed: [webauthn] authenticatorGetAssertion has no ConstraintError step for requireUserVerification
Closed: [webauthn] be explict about "same user" is verified at get() time as was verified at create() time
Closed: [webauthn] Clarify authenticator behaviour when not implementing signature counter
Closed: [webauthn] Clarify behaviour of rawId and id fields for resident key credentials
Closed: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
Closed: [webauthn] Constrain the "reasonable range" of timeouts
Closed: [webauthn] credential id privacy
Closed: [webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys
Closed: [webauthn] Decoding TPM `certInfo` and `pubArea`?
Closed: [webauthn] Display name content rules?
Closed: [webauthn] do not totally lose the term "WebAuthn Relying Party"
Closed: [webauthn] document why only "valid domain" format is allowed for "effective domain"
Closed: [webauthn] Grammar error in Sec 13.1
Closed: [webauthn] introductory abort language missing from [[Get]]() section
Closed: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
Closed: [webauthn] Privacy across OS accounts
Closed: [webauthn] Requesting ability to detect if there is an authenticator available which is capable of resident key credential
Closed: [webauthn] Transaction authorization extensions are registration and authentication extension?
Closed: [webauthn] What does "the extension was acted upon" mean for the AppID extension?
coalesce HTML references?
Consensus on CR revision of WebAuthn
EnclaveDB: a secure database using SGX
Fwd: [Demo] Worldline demo of Payment Request, Payment Handler, and WebAuthN
Fwd: Reminder - Re: TPAC 2018 registration now open
fyi: Postponed by 8 days - Call for Participation: W3C Workshop on Permissions and User Consent
fyi: W3C Workshop on Permissions and User Consent
Invite to Dependent WGs to review WebAuthn API CR update
LInks wrt publishing revised CR (was: Consensus on CR revision of WebAuthn)
lock the webauthn repo?
Reminder - Re: TPAC 2018 registration now open
Reminder and additional information - Re: TPAC 2018 registration now open
Request to Update Candidate Recommendation for WebAuthn API
Scribing tomorrow
Security threat: Username enumeration
Summit on Recovering from Device Loss in WebAuthn
WebAuthn now on CanIUse
WebAuthn/WebPayments/PSD2 Demos
wrt issue #750 `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way
wrt issue #973 truncation to 64-byte upper limit doesn't mention character boundaries
Last message date: Tuesday, 31 July 2018 18:06:21 UTC