Saturday, 30 June 2018
- Re: [webauthn] Authenticator selection extension needs to define snapshotting behavior
- Re: [webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way
Friday, 29 June 2018
- Re: [webauthn] Recovering from Device Loss
- Re: [webauthn] credential id privacy
- [w3c/webauthn] b5810b: Tone back trust assumption in authn ceremony struc...
- [webauthn] Merged Pull Request: Tone back trust assumption in authn ceremony structures section
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] credential id privacy
- [webauthn] Closed Pull Request: Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] fix #180: do not totally lose the term "WebAuthn Relying Party"
Thursday, 28 June 2018
- yesterday's minutes
- Re: [webauthn] fix #180: do not totally lose the term "WebAuthn Relying Party"
- Re: [webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys
- [webauthn] Pull Request: fix #866: clarify sentence wrt challenges
- [w3c/webauthn] a6cc12: fix 866
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Pull Request: fix #493: be explicit about "same user" is verified at get() time as was verified at create() time
- [w3c/webauthn] 165777: make it a Note
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] eb7228: add anchor to authnrMakeCred user consent step
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Pull Request: fix #517: add rationale wrt only "valid domain" format is allowed for "effective domain"
- [w3c/webauthn] 2ceeb7: add domain-only rationale in two places
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] credential id privacy
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] Tone back trust assumption in authn ceremony structures section
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] document why only "valid domain" format is allowed for "effective domain"
- [webauthn] Pull Request: fix #180: do not totally lose the term "WebAuthn Relying Party"
- [w3c/webauthn] cac5d6: add dfn of webauthn RP
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
Wednesday, 27 June 2018
- Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- [w3c/webauthn]
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Closed: [webauthn] Unused terms
- Re: [webauthn] Unused terms
- Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries
- [w3c/webauthn] 86cb4c: Built by Travis-CI: a583650f1e98abe83446fcf59d8ae8...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] abe3e7: Built by Travis-CI: a583650f1e98abe83446fcf59d8ae8...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] a58365: ignored extn does not return a value (#967)
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: ignored extn does not return a value
- Closed: [webauthn] appid extension: value when not acted upon?
- Re: [webauthn] ignored extn does not return a value
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- [w3c/webauthn] 702249: Built by Travis-CI: a188cb7e1b13990b060994e6c63b5f...
- [w3c/webauthn] c03ddd: Built by Travis-CI: a188cb7e1b13990b060994e6c63b5f...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] a188cb: Merging, per 27-Jun-18 working group call decision
- Closed: [webauthn] clean up RFC2119 language again
- [webauthn] new commits pushed by selfissued
- [webauthn] Merged Pull Request: Correct usage of RFC 2119 keywords again
- Closed: [webauthn] normalize RFC2119 language
- [w3c/webauthn] a3d57a: Built by Travis-CI: e243c2c7e4958d1e9cf65bf7c9c7e1...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] e243c2: revise RP ID definition and Note (#970)
- [webauthn] Merged Pull Request: revise RP ID definition and Note
- [webauthn] new commits pushed by equalsJeffH
- Closed: [webauthn] Note on "RP ID" is confusing
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- 06/27/2018 W3C Web Authentication WG Meeting Agenda
- [webauthn] AppID extension: protocol version number?
- Re: [webauthn] Authenticator selection extension needs to define snapshotting behavior
Tuesday, 26 June 2018
- Re: [webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- [webauthn] Pull Request: fix 364 timeout reasonable range
- [w3c/webauthn] 3f04d5: fix 364 timeout reasonable range
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- [w3c/webauthn] f937d2: Fix reference to undefined [=transport=]
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 10e12d: Document prevention of attacks on privacy
- [webauthn] new commits pushed by emlun
- Re: [webauthn] WIP: Authenticator taxonomy (replaces #842)
- [w3c/webauthn] 33d0ce: move ignored extensions admonition, thx emlun!
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] ignored extn does not return a value
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- [w3c/webauthn] d26ecf: Re-introduce missing definitions of [cross-]platfo...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] ab8f36: client-side normativity to SHOULD
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] 3f3ace: Use [=client device=] term in Attachment Modality ...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Added TPM verification clarifications
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
- [w3c/webauthn] 779194: Address @equalsJeffH's review comments
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Tone back trust assumption in authn ceremony structures section
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
- Re: [webauthn] SafetyNet Attestation Clarifications
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
Monday, 25 June 2018
- [w3c/webauthn] 926242: re-do section references per selfissued
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- [webauthn] Pull Request: revise RP ID definition and Note
- [w3c/webauthn] d1a49f: revise RP ID definition and Note
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] SafetyNet Attestation Clarifications
- Re: [webauthn] Added TPM verification clarifications
- Re: [webauthn] Note on "RP ID" is confusing
- Re: [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- [webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices
- Re: [webauthn] SafetyNet Attestation Clarifications
- [w3c/webauthn] 73c1a5: Built by Travis-CI: b4e3fcc9b35584bc45fd83460c5936...
- [w3c/webauthn] a3d32a: Built by Travis-CI: b4e3fcc9b35584bc45fd83460c5936...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Attestation validation issues
- [webauthn] new commits pushed by WebAuthnBot
- Closed: [webauthn] Attestation validation issues
- [w3c/webauthn]
- [w3c/webauthn] fd73fa: Clarify difference between |x5c| and |aikCert| in ...
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Improve clarity of |x5c| in packed and tpm attstmt verification procedures
- [w3c/webauthn] 4728cc: Change "does consent" to "confirms consent"
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 267419: Fix algorithm steps mistakenly swapped between cli...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
- Re: [webauthn] ignored extn does not return a value
- Re: [webauthn] SafetyNet Attestation Clarifications
- Re: [webauthn] Note on "RP ID" is confusing
Saturday, 23 June 2018
- Re: [webauthn] SafetyNet Attestation Clarifications
- Re: [webauthn] Attestation validation issues
- [webauthn] SafetyNet Attestation Clarifications
- Re: [webauthn] Attestation validation issues
- Closed: [webauthn] Define meaning of "Scope"
- Re: [webauthn] Define meaning of "Scope"
- Re: [webauthn] Attestation validation issues
Friday, 22 June 2018
- [webauthn] Pull Request: ignored extn does not return a value
- [w3c/webauthn] defb7b: ignored extn does not return a value
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn]
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Define meaning of "Scope"
- Re: [webauthn] undefined terms and terms we really ought to define
- Touch ID platform authenticator in Chrome
- Re: [webauthn] Added TPM verification clarifications
- Re: [webauthn] Added TPM verification clarifications
- Re: [webauthn] Added TPM verification clarifications
- Re: [webauthn] Microsoft edge Webauthn APIs makecredential throws DOMException 9 (Not SupportedError)
- Closed: [webauthn] Microsoft edge Webauthn APIs makecredential throws DOMException 9 (Not SupportedError)
- [webauthn] Microsoft edge Webauthn APIs makecredential throws DOMException 9 (Not SupportedError)
Thursday, 21 June 2018
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- WebAuthn/WebPayments/PSD2 Demos
- [webauthn] Defining meaning of "Scope"
- [w3c/webauthn] ba6d26: Fix Note:s mistakenly swapped between client opera...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] appid extension: value when not acted upon?
- [w3c/webauthn] dca382: Built by Travis-CI: 2b5246585fe1703cf13775275dba57...
- [w3c/webauthn] 1429da: Built by Travis-CI: 2b5246585fe1703cf13775275dba57...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] 10e12d: Document prevention of attacks on privacy
- Closed: [webauthn] document preventions of RP-driven de-anonymization attempts in privacy-cons
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Document prevention of attacks on privacy
- Closed: [webauthn] Describe attacks on privacy that are allowed/prevented
- Re: [webauthn] appid extension: value when not acted upon?
Wednesday, 20 June 2018
- Re: [webauthn] Note on "RP ID" is confusing
- Re: [webauthn] Candidate recommendation exit criteria
- Re: [webauthn] WIP: Authenticator taxonomy (replaces #842)
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] introductory abort language missing from [[Get]]() section
- Re: [webauthn] appid extension: value when not acted upon?
- Re: [webauthn] Candidate recommendation exit criteria
- Re: [webauthn] Candidate recommendation exit criteria
- Re: [webauthn] NULL or DOMException
- Re: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- Closed: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- Re: [webauthn] Add getAuthenticatorInfo to the Authenticator Model section
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: [webauthn] Add clearer definition of API use cases to the spec
- Re: [webauthn] Add clearer definition of API use cases to the spec
- [w3c/webauthn]
- [webauthn] new commits pushed by AngeloKai
- Re: [webauthn] Merge {#sample-scenarios} section with the {#usecase} section
- [webauthn] Closed Pull Request: Merge {#sample-scenarios} section with the {#usecase} section
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Closed: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] Fetch intergration for WebAuthn API
- Re: [webauthn] WIP: Authenticator taxonomy (replaces #842)
- [w3c/webauthn] cfd3f4: Built by Travis-CI: 10b27b671d42b437f0ce1bc3050f43...
- [w3c/webauthn] aa925e: Built by Travis-CI: 10b27b671d42b437f0ce1bc3050f43...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] 10b27b: Specify extension types in listing instead of pros...
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: Specify extension types in listing instead of prose
- [w3c/webauthn] 1e0471: Delete hardline statement about trust requirement ...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] b971c6: Always capitalize Authentication in this context
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Introduce WebAuthn Client Device term
- [w3c/webauthn] a6ab65: Mention rate limiting in UV definition
- [w3c/webauthn]
- [webauthn] Merged Pull Request: Mention rate limiting in UV definition
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 2ef1db: Introduce WebAuthn Client Device term
- [w3c/webauthn] 946007: Address review comment
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Introduce WebAuthn Client Device term
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Address review comment
- Re: [webauthn] add 'spec roadmap' section
- Re: [webauthn] Merge {#sample-scenarios} section with the {#usecase} section
- [webauthn] Note on "RP ID" is confusing
- Re: [webauthn] Allow client to return NotAllowedError early if success is impossible
- [w3c/webauthn] 202f93: Fix initial case
- [webauthn] new commits pushed by emlun
- [webauthn] Pull Request: Allow client to return NotAllowedError early if success is impossible
- [w3c/webauthn] 82e3ff: Allow client to return NotAllowedError early if su...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Ask for tests for normative changes in CONTRIBUTING.md
- Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Closed: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Re: [webauthn] WIP: Authenticator taxonomy (replaces #842)
- Re: [webauthn] Address review comment
- Re: [webauthn] Tone back trust assumption in authn ceremony structures section
- Re: [webauthn] Tone back trust assumption in authn ceremony structures section
- Re: [webauthn] Mention rate limiting in UV definition
- Re: [webauthn] Introduce WebAuthn Client Device term
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] TPM section is missing TPMT_PUBLIC validation steps
- Re: [webauthn] NULL or DOMException
- Re: [webauthn] cleanup: mark & structure biblio references consistently
- Re: [webauthn] TPM section is missing TPMT_PUBLIC validation steps
- Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] appid extension: value when not acted upon?
- Re: [webauthn] introductory abort language missing from [[Get]]() section
- 06/20/2018 W3C Web Authentication WG Meeting Agenda
Tuesday, 19 June 2018
- Re: [webauthn] Merge {#sample-scenarios} section with the {#usecase} section
- Re: [webauthn] further details for authenticatorCancel operation
- Closed: [webauthn] further details for authenticatorCancel operation
- Closed: [webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData
- Re: [webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData
- Re: [webauthn] Silent/touchless Authn? clarification of bit 0 in AuthenticatorData
- Re: [webauthn] appid extension: value when not acted upon?
- [webauthn] Pull Request: Correct usage of RFC 2119 keywords again
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] Address review comment
- Re: [webauthn] Mention rate limiting in UV definition
- [webauthn] Pull Request: Tone back trust assumption in authn ceremony structures section
- [w3c/webauthn] 594501: Address review comment
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 5c04f8: Resolve inline issue 2
- [webauthn] new commits pushed by emlun
- [webauthn] Pull Request: Mention rate limiting in UV definition
- [webauthn] Pull Request: Address review comment
- [webauthn] Pull Request: Introduce WebAuthn Client Device term
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- [webauthn] Closed Pull Request: WIP: Authenticator taxonomy
- Re: [webauthn] WIP: Authenticator taxonomy
- [webauthn] Pull Request: WIP: Authenticator taxonomy (replaces #842)
- [w3c/webauthn] fc385a: Link Rate limiting
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Improve clarity of |x5c| in packed and tpm attstmt verification procedures
- Re: [webauthn] Specify extension types in listing instead of prose
- [w3c/webauthn] 1e3241: Add link to "attachment modality" reference
- [w3c/webauthn]
- [webauthn] new commits pushed by emlun
- [webauthn] Closed Pull Request: Introduce WebAuthn Client Device term
- Re: [webauthn] Introduce WebAuthn Client Device term
- [webauthn] Pull Request: Introduce WebAuthn Client Device term
- [w3c/webauthn] 1e3241: Add link to "attachment modality" reference
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Attestation validation issues
- [w3c/webauthn] 83ec7c: Built by Travis-CI: 2d669ded704e8adffd6e1fe981bd46...
- [w3c/webauthn] e5aad1: Built by Travis-CI: 2d669ded704e8adffd6e1fe981bd46...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] f55c4c: Remove mention of a timeout for isUserVerifyingPla...
- [webauthn] Merged Pull Request: Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
- [webauthn] new commits pushed by agl
- Closed: [webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes?
- [w3c/webauthn] 2ecfc3: Built by Travis-CI: a68f1a9256a7d73a71e68cec7d45f2...
- [w3c/webauthn] 502dc8: Built by Travis-CI: a68f1a9256a7d73a71e68cec7d45f2...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] df81b6: Eliminate the “not-supported” option for tokenBind...
- [webauthn] Merged Pull Request: Eliminate the “not-supported” option for tokenBinding.status
- [webauthn] new commits pushed by agl
- Closed: [webauthn] Meaning of missing tokenBinding in ClientCollectedData?
Monday, 18 June 2018
- Re: [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- Re: [webauthn] undefined terms and terms we really ought to define
- Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop?
- Re: [webauthn] Recovering from Device Loss
Friday, 15 June 2018
- [webauthn] Clarify WebAuthn spec to allow us to return an error to RP when it makes sense
- [w3c/webauthn] 3ec508: remove reference to 'preparation', 'enforcement' i...
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] a74135: address emlun's review comment
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- [webauthn] Pull Request: Improve clarity of |x5c| in packed and tpm attstmt verification procedures
- [w3c/webauthn] fd73fa: Clarify difference between |x5c| and |aikCert| in ...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Attestation validation issues
- Re: [webauthn] Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
Thursday, 14 June 2018
- Re: [webauthn] Display name content rules?
- [webauthn] Pull Request: Fix #593: employ PRECIS RFC8264 et al for 'name'-ish domstring values
- Re: [webauthn] Specify extension types in listing instead of prose
- who's moz folk(s) covering for J.C. ?
- [w3c/webauthn] e69bfc: employ PRECIS RFC8264 et al for 'name'-ish domstri...
- [webauthn] new commits pushed by equalsJeffH
- TPAC 2018 registration now open
Wednesday, 13 June 2018
- [webauthn] Attestation validation issues
- [w3c/webauthn] 01ad24: Change listing heading from "Extension type" to "O...
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Specify extension types in listing instead of prose
- Re: [webauthn] appid extension: value when not acted upon?
- Closed: [webauthn] Icon format / conversion
- Re: [webauthn] Icon format / conversion
- CR boilerplate
- [w3c/webauthn] 0a2da2: Built by Travis-CI: 4fd5dd5d5c642ba3756edb3eece3aa...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 1c6205: Built by Travis-CI: 4fd5dd5d5c642ba3756edb3eece3aa...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] ead943: Built by Travis-CI: cdbd4ca6eb3be6a9daf4d0ed76bcf5...
- [w3c/webauthn]
- [w3c/webauthn] 63c71d: Add example of new device enrollment via roaming a...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 8e9d45: Built by Travis-CI: cdbd4ca6eb3be6a9daf4d0ed76bcf5...
- [webauthn] Merged Pull Request: Add example of new device enrollment via roaming authenticator
- Closed: [webauthn] Clarify how a user can authenticate from multiple devices
- [webauthn] new commits pushed by emlun
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] cdbd4c: Note that the icon URL may be a data: URL (#937)
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: Note that the icon URL may be a data: URL
- [w3c/webauthn] b136ba: Add @equalsJeffH's rewording
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Add example of new device enrollment via roaming authenticator
- Re: [webauthn] clean up RFC2119 language again
- [w3c/webauthn] b78943: Address the rest of @equalsJeffH's review comments
- [webauthn] new commits pushed by emlun
- Re: [webauthn] appid extension: value when not acted upon?
- [w3c/webauthn]
- [w3c/webauthn] a1f508: Built by Travis-CI: 1d8c9d20015c1d0d373f191e33eb1a...
- [w3c/webauthn] a11b03: Built by Travis-CI: 1d8c9d20015c1d0d373f191e33eb1a...
- [webauthn] new commits pushed by WebAuthnBot
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 1d8c9d: fix issue #932 clarify rpIdHash generation, minor ...
- [webauthn] new commits pushed by selfissued
- [webauthn] Merged Pull Request: fix issue #932 clarify rpIdHash generation, minor editorial linking
- Closed: [webauthn] clarify generation of rpIdHash
- [w3c/webauthn] b609a2: Change "enrolled" to "configured"
- Re: [webauthn] undefined terms and terms we really ought to define
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] a510bb: Change "human being" to "natural person" and link ...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn]
- Re: [webauthn] Replace <pre class="idl">s with <xmp>s
- [w3c/webauthn] 89a372: Built by Travis-CI: 76f25149b970227fbe4960f3790719...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] ae36c3: Built by Travis-CI: 76f25149b970227fbe4960f3790719...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 76f251: Replace <pre class="idl">s with <xmp>s (#949)
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: Replace <pre class="idl">s with <xmp>s
- Closed: [webauthn] use `<xmp>` uniformly for WebIDL fragments?
- Re: [webauthn] use `<xmp>` uniformly for WebIDL fragments?
- [webauthn] Pull Request: Replace <pre class="idl">s with <xmp>s
- [w3c/webauthn] 5300df: Replace <pre class="idl">s with <xmp>s
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 488878: Built by Travis-CI: 99c552c7998b9b80a2be2a185fee1c...
- Re: [webauthn] Document prevention of attacks on privacy
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] e59a95: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Add experimental Travis build with no Bikeshed cache
- [w3c/webauthn] eb9506: Built by Travis-CI: c143aa0c98a4b2eb66c8990e84b20b...
- Re: [webauthn] Add experimental Travis build with no Bikeshed cache
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] c143aa: Add Dockerfile with Bikeshed installed (#942)
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: Add Dockerfile with Bikeshed installed
- [w3c/webauthn] febcf5: Built by Travis-CI: b7ac1867e94d6adb2c0a582f34bf21...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] b7ac18: Update web-platform-tests URLs (#947)
- [webauthn] Merged Pull Request: Update web-platform-tests URLs
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] use `<xmp>` uniformly for WebIDL fragments?
- Re: [webauthn] Add Dockerfile with Bikeshed installed
- Re: [webauthn] Add experimental Travis build with no Bikeshed cache
- Re: [webauthn] Document prevention of attacks on privacy
- Re: [webauthn] Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
- Re: [webauthn] Eliminate the “not-supported” option for tokenBinding.status
- Re: [webauthn] fix issue #932 clarify rpIdHash generation, minor editorial linking
- Re: [webauthn] Note that the icon URL may be a data: URL
- Re: [webauthn] Update web-platform-tests URLs
- [w3c/webauthn] f97fb7: Address some review comments
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 54f8a9: Address most of @equalsJeffH's review comments
- [w3c/webauthn] 9a3132: Remove redundant note about non-normativity
- [webauthn] new commits pushed by emlun
- [webauthn] new commits pushed by emlun
- Re: [webauthn] appid extension: value when not acted upon?
- [w3c/webauthn]
- [webauthn] appid extension: value when not acted upon?
Tuesday, 12 June 2018
- 06/13/2018 W3C Web Authentication WG Meeting Agenda
- [w3c/webauthn] 828b5b: Add list of benefits RP gains from the spec
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] f9e2c2: Built by Travis-CI: 204da2313c68f13b1baef944273349...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 204da2: improve #936: existing linking lint (#944)
- [webauthn] Merged Pull Request: improve #936: existing linking lint
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn]
- [webauthn] Pull Request: Update web-platform-tests URLs
- [w3c/webauthn] 276d29: Built by Travis-CI: f0acd1ade1ad27bccf52e85435ae72...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] f0acd1: Per Credential Signature Counters (#935)
- [webauthn] Merged Pull Request: Per Credential Signature Counters
- [webauthn] new commits pushed by akshayku
- Closed: [webauthn] Delete per RP ID Signature counters
Monday, 11 June 2018
- Re: [webauthn] Eliminate the “not-supported” option for tokenBinding.status
- Re: [webauthn] improve #936: existing linking lint
- [w3c/webauthn]
- [w3c/webauthn] 27ce6e: Review of PR #944 (#945)
- [webauthn] new commits pushed by equalsJeffH
- [webauthn] Merged Pull Request: Review of PR #944
- Re: [webauthn] Review of PR #944
- [w3c/webauthn] 2f8ea5: Fix variable style
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Specify extension types in listing instead of prose
- [w3c/webauthn] 2a2e9a: Don't wait for experimental job before reporting b...
- [webauthn] new commits pushed by emlun
- [webauthn] Pull Request: Add experimental Travis build with no Bikeshed cache
- [w3c/webauthn] e59a95: Add experimental Travis build with no Bikeshed cac...
- [w3c/webauthn]
- [webauthn] new commits pushed by emlun
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- [w3c/webauthn] b5db78: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] f0fdbe: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] c74674: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 3636bf: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 1f994b: Add experimental Travis build with no Bikeshed cac...
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 95a95d: Built by Travis-CI: 5cc9a6ac8cd9485ea3c23b40e9d230...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 990b89: Address some of @equalsJeffH's review comments
- [w3c/webauthn]
- [webauthn] Merged Pull Request: PR #900 post-merge review changes
- Closed: [webauthn] Allow hot-plugged authenticators?
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Review of PR #944
- [webauthn] Pull Request: Review of PR #944
- [w3c/webauthn] 8c47bc: Replace old <dfn>s with links
- [webauthn] new commits pushed by emlun
- Re: [webauthn] use `<xmp>` uniformly for WebIDL fragments?
Friday, 8 June 2018
- Re: [webauthn] Specify extension types in listing instead of prose
- Re: [webauthn] clean up RFC2119 language again
- [w3c/webauthn] ac03dd: be explicit re SHA-256
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] Allow clients to stop the `get` flow when certain conditions are met
- [w3c/webauthn] 7958ff: shouldSHOULD
- [webauthn] new commits pushed by akshayku
- Re: [webauthn] Eliminate duplicate terminology
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- [webauthn] Pull Request: improve #936: existing linking lint
- [w3c/webauthn] c54adb: tag occurances of 'verification procedure' improve...
- [webauthn] new commits pushed by equalsJeffH
- [w3c/webauthn] d6b1fb: remove some dfn tags from section headers, improve...
- [webauthn] new commits pushed by equalsJeffH
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- [webauthn] use `<xmp>` uniformly for WebIDL fragments?
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- [webauthn] Pull Request: Add Dockerfile with Bikeshed installed
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
Thursday, 7 June 2018
- Re: [webauthn] capitalize "must" in Note in authenticatorGetAssertion operation
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- Re: [webauthn] capitalize "must" in Note in authenticatorGetAssertion operation
- Re: [webauthn] PR #900 post-merge review changes
- [w3c/webauthn] 8b6b7e: Reword definitions of |authenticators|
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Specify extension types in listing instead of prose
- [webauthn] Pull Request: Specify extension types in listing instead of prose
- [w3c/webauthn] 900626: Specify extension type in listing instead of prose
- [webauthn] new commits pushed by emlun
- Re: [webauthn] bikeshed now catching existing lint in master->index.bs
- Re: PR 900 review (in arrears)
- Re: [webauthn] capitalize "must" in Note in authenticatorGetAssertion operation
- Re: [webauthn] Add example of new device enrollment via roaming authenticator
- [webauthn] Pull Request: PR #900 post-merge review changes
- Re: [webauthn] Allow hot-plugged authenticators?
- [w3c/webauthn] 990b89: Address some of @equalsJeffH's review comments
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Allow clients to stop the `get` flow when certain conditions are met
Wednesday, 6 June 2018
- [webauthn] introductory abort language missing from [[Get]]() section
- Re: [webauthn] Allow clients to stop the `get` flow when certain conditions are met
- [webauthn] capitalize "must" in Note in authenticatorGetAssertion operation
- PR 900 review (in arrears)
- [w3c/webauthn]
- [w3c/webauthn]
- Re: [webauthn] Icon format / conversion
- [webauthn] Pull Request: Note that the icon URL may be a data: URL
- Re: [webauthn] Add two abort paths for getting an assertion
- Re: [webauthn] Eliminate the “not-supported” option for tokenBinding.status
- [webauthn] bikeshed now catching existing link in master->index.bs
- Re: [webauthn] Platform authenticators and key stores
- Re: [webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys
- Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
- Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
- Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
- Re: [webauthn] Icon format / conversion
- Re: [webauthn] Icon format / conversion
- Re: [webauthn] Icon format / conversion
- Re: [webauthn] Add two abort paths for getting an assertion
- [w3c/webauthn] 11cd5f: Built by Travis-CI: b0ca15fa82e531dadaba9fc49c8c7a...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 33cdaf: Fix issue with |savedCredentialId| scope
- [webauthn] Merged Pull Request: Finish up hot-plugging algorithm language
- Closed: [webauthn] Allow hot-plugged authenticators?
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 79b5b0: Built by Travis-CI: f3b706b2b1a47ce53de8ebfa74fd88...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] Document prevention of attacks on privacy
- Re: [webauthn] Fixed example with incorrect allowCredential. Improved existing examples
- [w3c/webauthn] 9bd9dd: Fixed example with incorrect allowCredential. Impr...
- [webauthn] Merged Pull Request: Fixed example with incorrect allowCredential. Improved existing examples
- [webauthn] new commits pushed by emlun
- [w3c/webauthn] 233f4e: Built by Travis-CI: b455562d9c50af7fca0c753779d80f...
- [webauthn] new commits pushed by WebAuthnBot
- Re: [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
- [w3c/webauthn] 045e92: Unnecessary to specify extension validity
- [webauthn] Merged Pull Request: Trim unnecessary step from appId extension
- [webauthn] new commits pushed by kpaulh
- Re: [webauthn] Add an “internal” AuthenticatorTransport.
- Re: [webauthn] Trim unnecessary step from appId extension
- Re: [webauthn] Add two abort paths for getting an assertion
- Re: [webauthn] Feature-Identifier value for WebAuthn?
- Re: [webauthn] Grammar error in Sec 13.1
- Re: [webauthn] Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
- Re: [webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes?
- [webauthn] Pull Request: Per Credential Signature Counters
- [w3c/webauthn] 0b658b: PerCredentialSignatureCounters
- [webauthn] new commits pushed by akshayku
- Re: [webauthn] What is FIDO client????
- Closed: [webauthn] What is FIDO client????
- Re: [webauthn] What is FIDO client????
- Re: [webauthn] Client-generated challenges
- Re: [webauthn] What is FIDO client????
- Re: [webauthn] What is FIDO client????
- Re: [webauthn] Fixed example with incorrect allowCredential. Improved existing examples
- [w3c/webauthn] b9721b: Built by Travis-CI: 0f5b3a806a9f8e2ff02207fd673e13...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn] 26275b: Fix issue #405
- [w3c/webauthn]
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Adopt definition list markdown notation for dfn blocks
- Closed: [webauthn] adopt definition list markdown notation for <div dfn-type="foo" dfn-for="bar"> blocks
- [w3c/webauthn] 442771: Built by Travis-CI: d3c0757acd9f630774ce3d5ecf8d8e...
- [webauthn] new commits pushed by WebAuthnBot
- [w3c/webauthn]
- [w3c/webauthn] 258234: Remove (probably) outdated inline issue 2:
- [webauthn] Merged Pull Request: Remove (probably) outdated inline issue 2
- Closed: [webauthn] Privacy section may wish to discuss recommended user-agent responses to leaks
- [webauthn] new commits pushed by emlun
- Re: [webauthn] Grammar error in Sec 13.1
- Re: [webauthn] Feature-Identifier value for WebAuthn?
- dfn errors when building master branch
Tuesday, 5 June 2018
- [webauthn] Pull Request: fix issue #932 clarify rpIdHash generation, minor editorial linking
- [w3c/webauthn] ad9428: fix issue #932 clarify rpIdHash generation, minor ...
- [webauthn] new commits pushed by equalsJeffH
- 06/06/2018 W3C Web Authentication WG Meeting Agenda
- Re: [webauthn] Remove (probably) outdated inline issue 2
- Re: [webauthn] Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
- [webauthn] #sec-authenticator-data section implies authnr enforces RP ID being eTLD+1
- Re: [webauthn] Adopt definition list markdown notation for dfn blocks
- Re: [webauthn] Fixed example with incorrect allowCredential. Improved existing examples
- [webauthn] clarify generation of rpIdHash
- Re: [webauthn] What is FIDO client????
- [webauthn] Recovering from Device Loss
- fyi: Mastercard Webauthn/FIDO2 Relying Party Reference Implementation
- Re: [webauthn] Eliminate duplicate terminology
Monday, 4 June 2018
- Re: [webauthn] need description & illustrations of overall flow: authnr <--> platform API <--> RP
- Re: [webauthn] Document prevention of attacks on privacy
- Re: [webauthn] What is FIDO client????
- Re: [webauthn] What is FIDO client????
Saturday, 2 June 2018
Friday, 1 June 2018
- Re: [webauthn] TPM section is missing TPMT_PUBLIC validation steps
- [webauthn] TPM section is missing TPMT_PUBLIC validation steps
- Re: [webauthn] What is FIDO client????
- Closed: [webauthn] WebAuthn Client
- Re: [webauthn] WebAuthn Client
- Re: [webauthn] What is FIDO client????
- [webauthn] What is FIDO client????
- [webauthn] WebAuthn Client