W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

[webauthn] new commits pushed by emlun

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Tue, 26 Jun 2018 18:38:02 +0000
To: public-webauthn@w3.org
Message-ID: <push-3766649f894ef76d3a17ddc0def7220a7d2fb010-1530038281-sysbot+gh@w3.org>

The following commits were just pushed by emlun to https://github.com/w3c/webauthn:

* Document prevention of attacks on privacy
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/10e12d0bfffa8d5cf6980425e90766d66050ff0d

* Reference §14.4 in §14.2
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/6a83ec06d619aedee05d1f9892f453689b6fcb1b

* Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable.

As discussed on the issue, implementations appear to be converging on
implementing this call without prompting the user and returning
immediately. The wording in this section is loose enough that
implementations that wish to continue using a timeout can find enough
slack to do so, but this change removes the firm suggestion to do so.

Also, align the spacing of “Promise<T>” to match the style used
elsewhere in the W3C specs.

Fixes #575
  by Adam Langley
https://github.com/w3c/webauthn/commit/f55c4c3a38ef18349b1feb91f8763875c39758d5

* Eliminate the “not-supported” option for tokenBinding.status

The tokenBinding member is optional so this created two different ways
to encode that tokenBinding wasn't supported: omitting tokenBinding
completely and including it with status = “not-supported”. This change
eliminates the second option.

This matches Firefox's current behaviour and Chrome will align.

Fixes #907.
  by Adam Langley
https://github.com/w3c/webauthn/commit/df81b61d660079345c1e40afc2762ea812db96f0

* Specify the meaning of omitting tokenBinding.
  by Adam Langley
https://github.com/w3c/webauthn/commit/31aed6629c957829466415ad62d93e2210524e3f

* Address @selfissued's review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/0b3e939f9142a1b7c8d1edb9d9c0e354cfbc9866

* Remove confirmation prompt from isUserVerifyingPlatformAuthenticatorAvailable()

See:

- https://github.com/w3c/webauthn/issues/575#issuecomment-386059592
- https://github.com/w3c/webauthn/issues/575#issuecomment-386650507
- https://github.com/w3c/webauthn/issues/575#issuecomment-393134099
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/ad22fce9fbe6685490dd767bb52445e600c9af88

* Merge branch 'master' into issue907
  by Adam Langley
https://github.com/w3c/webauthn/commit/0db8a61125c6dbb88474207123e34e1742f666cc

* Merge pull request #1 from w3c/issue575-remove-consent-prompt

Remove confirmation prompt from isUVPAA
  by Adam Langley
https://github.com/w3c/webauthn/commit/82b6b3732eee66d37672454ea59fb93eb608bc6b

* Merge branch 'master' into issue575
  by Adam Langley
https://github.com/w3c/webauthn/commit/06db112d81e09878257e54e7febaabe16f4a89e6

* Change “optional” to “OPTIONAL”.
  by Adam Langley
https://github.com/w3c/webauthn/commit/802ddec2c7b0bdcbe01bdd2b89715bd4043f5cd9

* Address some review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f97fb77e80ee38f1ab8bb71463c7342e357435c4

* Change "human being" to "natural person" and link to Wikipedia
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/a510bbfaabec0b6c6e433cae6bae515fbe829137

* Address the rest of @equalsJeffH's review comments
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b78943880492bb4d57e774af02906d16fad06305

* Add @equalsJeffH's rewording
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b136ba2d483c6e5a7905b1ca8a3d9714a9dd5cef

* Clarify difference between |x5c| and |aikCert| in TPM attstmt verification
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/fd73fa51b2f996ac58ab0ffddcb670ef3025088a

* Clarify difference between |x5c| and |attestnCert| in Packed attstmt verification
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b7f7fb47ff082baf5977cbc60af2d1748b86860a

* Merge remote-tracking branch 'origin/master' into issue907
  by Adam Langley
https://github.com/w3c/webauthn/commit/7ef6a96e22c8e1b4a3773e0ac87e1a6174109257

* Merge remote-tracking branch 'origin/master' into issue575
  by Adam Langley
https://github.com/w3c/webauthn/commit/1678bbc8e6a6c63f06af909aad451fec8897d52b

* Merge pull request #914 from agl/issue907

Eliminate the “not-supported” option for tokenBinding.status
  by Adam Langley
https://github.com/w3c/webauthn/commit/a68f1a9256a7d73a71e68cec7d45f280dc46f033

* Merge pull request #904 from agl/issue575

Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
  by Adam Langley
https://github.com/w3c/webauthn/commit/2d669ded704e8adffd6e1fe981bd46bbb40650ab

* Delete hardline statement about trust requirement for UV

See discussion in
https://github.com/w3c/webauthn/pull/899#discussion_r195171633
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/1e0471f6ca63ec4d20b2bbca107b0bc08ec91a4b

* Revert "Change "human being" to "natural person" and link to Wikipedia"

This reverts commit a510bbfaabec0b6c6e433cae6bae515fbe829137.
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/48d6579f37e1ad5eb9ada299255c62a1151ce680

* Specify extension types in listing instead of prose (#941)

* Specify extension type in listing instead of prose

* Change listing heading from "Extension type" to "Operation applicability"

* Always capitalize Authentication in this context
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/10b27b671d42b437f0ce1bc3050f43f85a28d1db

* Merge pull request #899 from w3c/issue-743-de-anon-priv-cons

Document prevention of attacks on privacy
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/2b5246585fe1703cf13775275dba575126edb99a

* Merge pull request #952 from w3c/issue-950-tpm-verification-clarity

Improve clarity of |x5c| in packed and tpm attstmt verification procedures
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/b4e3fcc9b35584bc45fd83460c593620d25ae380

* Merge branch 'master' into authenticator-taxonomy
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/3766649f894ef76d3a17ddc0def7220a7d2fb010
Received on Tuesday, 26 June 2018 18:38:06 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC