- From: GitHub <noreply@github.com>
- Date: Wed, 02 May 2018 05:04:20 -0700
- To: public-webauthn@w3.org
- Message-ID: <5ae9a9448f72e_c0c2ab4777ddc04837f7@hookshot-fe-d2afb11.cp1-iad.github.net.mail>
Branch: refs/heads/issue-151-credential-portability Home: https://github.com/w3c/webauthn Commit: 5b026ad5fcab52b853995a8ca8f4959bd9f9c0b7 https://github.com/w3c/webauthn/commit/5b026ad5fcab52b853995a8ca8f4959bd9f9c0b7 Author: Emil Lundberg <emil@yubico.com> Date: 2018-03-21 (Wed, 21 Mar 2018) Changed paths: M index.bs Log Message: ----------- Fix #848: Weirdness in RP UP verification §7.1. Registering a new credential currently reads (and §7.2. Verifying an authentication assertion is analogous): >10. If user verification is required for this registration, verify that the User Verified bit of the `flags` in _authData_ is set. >11. If user verification is not required for this registration, verify that the User Present bit of the `flags` in _authData_ is set. This results in the following truth table: UV req. | UP req? | UV res. | UP res. | Accept? ------------+---------+---------+---------+-------- discouraged | Yes | 0 | 0 | No discouraged | Yes | 0 | 1 | Yes discouraged | Yes | 1 | 0 | No discouraged | Yes | 1 | 1 | Yes preferred | Yes | 0 | 0 | No preferred | Yes | 0 | 1 | Yes preferred | Yes | 1 | 0 | No preferred | Yes | 1 | 1 | Yes required | No | 0 | 0 | No required | No | 0 | 1 | No required | No | 1 | 0 | Yes required | No | 1 | 1 | Yes Note, for example, how UV `preferred` means that a response with `(UV=1, UP=0)` should be rejected. It makes more sense to let the UP requirement be defined by the UV _response_ instead of the UV _requirement_: UV req. | UV res. | UP req? | UP res. | Accept? ------------+---------+---------+---------+-------- discouraged | 0 | Yes | 0 | No discouraged | 0 | Yes | 1 | Yes discouraged | 1 | No | 0 | Yes discouraged | 1 | No | 1 | Yes preferred | 0 | Yes | 0 | No preferred | 0 | Yes | 1 | Yes preferred | 1 | No | 0 | Yes preferred | 1 | No | 1 | Yes required | 0 | Yes | 0 | No required | 0 | Yes | 1 | No required | 1 | No | 0 | Yes required | 1 | No | 1 | Yes Commit: 632041ccf34edc39cdeb02a9ef71c8de135c2748 https://github.com/w3c/webauthn/commit/632041ccf34edc39cdeb02a9ef71c8de135c2748 Author: Emil Lundberg <emil@yubico.com> Date: 2018-03-22 (Thu, 22 Mar 2018) Changed paths: M index.bs Log Message: ----------- Add note about verifying U2F assertion signatures Commit: e2c1243cee3a851df2c3556b94bf1ae559e4b073 https://github.com/w3c/webauthn/commit/e2c1243cee3a851df2c3556b94bf1ae559e4b073 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-04 (Wed, 04 Apr 2018) Changed paths: M index.bs Log Message: ----------- Add missing description of PublicKeyCredentialDescriptor.transports Commit: 68d8cb8a673ed46f0d4fc5b11a97a528b44e76a3 https://github.com/w3c/webauthn/commit/68d8cb8a673ed46f0d4fc5b11a97a528b44e76a3 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-04 (Wed, 04 Apr 2018) Changed paths: M index.bs Log Message: ----------- Fix reference to U2F user public key format Commit: c137565f1d042c5a65606e36d543daf9d7642643 https://github.com/w3c/webauthn/commit/c137565f1d042c5a65606e36d543daf9d7642643 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-04 (Wed, 04 Apr 2018) Changed paths: M index.bs Log Message: ----------- Improve U2F key reformatting instructions as suggested by @apowers See https://github.com/w3c/webauthn/issues/857 Commit: a46247182ccbda508a619f27d4437649a30004a3 https://github.com/w3c/webauthn/commit/a46247182ccbda508a619f27d4437649a30004a3 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-04 (Wed, 04 Apr 2018) Changed paths: M index.bs Log Message: ----------- Always verify UP bit in RP ops As pointed out by @akshayku, recent drafts of CTAP now support this. Commit: f234d4abea7ac5b1d0fe5bc4128706c737b15f14 https://github.com/w3c/webauthn/commit/f234d4abea7ac5b1d0fe5bc4128706c737b15f14 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-11 (Wed, 11 Apr 2018) Changed paths: M index.bs Log Message: ----------- Fix grammar Commit: 2ae16c671edfbce5dc6ec020deae706a13d751c9 https://github.com/w3c/webauthn/commit/2ae16c671edfbce5dc6ec020deae706a13d751c9 Author: JeffH <Jeff.Hodges@PayPal.com> Date: 2018-04-13 (Fri, 13 Apr 2018) Changed paths: M PubStatus.md A draft-jones-webauthn-cose-algorithms.html A draft-jones-webauthn-cose-algorithms.txt A draft-jones-webauthn-cose-algorithms.xml M index.bs Log Message: ----------- Merge branch 'master' into issue-848-rp-up-verification Commit: 2dabcf8ac7a5734504443148697c69c86697a799 https://github.com/w3c/webauthn/commit/2dabcf8ac7a5734504443148697c69c86697a799 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-23 (Mon, 23 Apr 2018) Changed paths: M index.bs Log Message: ----------- Fix |authData| -> |aData| Commit: 425afcdab84fdd99867cbc6323b5b7668bec069f https://github.com/w3c/webauthn/commit/425afcdab84fdd99867cbc6323b5b7668bec069f Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-24 (Tue, 24 Apr 2018) Changed paths: M index.bs Log Message: ----------- Address @equalsJeffH's review comments Commit: e36ee7c6959fd2623ff146fb1dbb77a909469e85 https://github.com/w3c/webauthn/commit/e36ee7c6959fd2623ff146fb1dbb77a909469e85 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-24 (Tue, 24 Apr 2018) Changed paths: M index.bs Log Message: ----------- Clarify that authentication use case example requires pairing the phone first Commit: 0bc2eece80bfc942215e2de400f35c074b66c0c4 https://github.com/w3c/webauthn/commit/0bc2eece80bfc942215e2de400f35c074b66c0c4 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-25 (Wed, 25 Apr 2018) Changed paths: M index.bs Log Message: ----------- Extract cross-spec ref for RFC8152 Secion 7 Commit: b05010da756d2deffd507044d289b33a1085d02e https://github.com/w3c/webauthn/commit/b05010da756d2deffd507044d289b33a1085d02e Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-25 (Wed, 25 Apr 2018) Changed paths: M index.bs Log Message: ----------- Extract cross-spec ref for FIDO-U2F-Message-Formats Secion 4.3 Commit: 88bb9aec22147152535c012cf686d378ddb72a52 https://github.com/w3c/webauthn/commit/88bb9aec22147152535c012cf686d378ddb72a52 Author: Emil Lundberg <emil@yubico.com> Date: 2018-04-25 (Wed, 25 Apr 2018) Changed paths: M index.bs Log Message: ----------- Extract section 6.1.2. FIDO U2F signature format compatibility Commit: c880ab937f69bc5cad48d3dd784068f760e959b8 https://github.com/w3c/webauthn/commit/c880ab937f69bc5cad48d3dd784068f760e959b8 Author: =JeffH <mobileuser@kingsmountain.com> Date: 2018-05-01 (Tue, 01 May 2018) Changed paths: M index.bs Log Message: ----------- non- -> non-null (#890) Commit: f4575a0a6001e4e58da692d91ca289c94a8cc109 https://github.com/w3c/webauthn/commit/f4575a0a6001e4e58da692d91ca289c94a8cc109 Author: Emil Lundberg <emil@yubico.com> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Address @equalsJeffH's review comment Commit: aabeeaf52debdad98bbedc8ff9efed4e96d37451 https://github.com/w3c/webauthn/commit/aabeeaf52debdad98bbedc8ff9efed4e96d37451 Author: Emil Lundberg <emil@emlun.se> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge pull request #881 from w3c/issue-874-clarify-use-case Clarify that authentication use case example requires pairing the phone first Commit: 3afbcf955b357e7f0e5208b0b01436ee36ae35fd https://github.com/w3c/webauthn/commit/3afbcf955b357e7f0e5208b0b01436ee36ae35fd Author: Emil Lundberg <emil@yubico.com> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge branch 'master' into issue-857-u2f-attestation-verification Commit: 848659eb2d3c115ad22883eb2dd70c0413de9639 https://github.com/w3c/webauthn/commit/848659eb2d3c115ad22883eb2dd70c0413de9639 Author: Emil Lundberg <emil@emlun.se> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge pull request #861 from w3c/issue-857-u2f-attestation-verification Clarify U2F attestation verification instructions Commit: f3940003f8e43e7c9c43889592d21f416a580a46 https://github.com/w3c/webauthn/commit/f3940003f8e43e7c9c43889592d21f416a580a46 Author: Emil Lundberg <emil@yubico.com> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M PubStatus.md A draft-jones-webauthn-cose-algorithms.html A draft-jones-webauthn-cose-algorithms.txt A draft-jones-webauthn-cose-algorithms.xml M index.bs Log Message: ----------- Merge branch 'master' into issue-845-u2f-signature Commit: da1d21d5da190d8fc2ae3b880c31875675106b4e https://github.com/w3c/webauthn/commit/da1d21d5da190d8fc2ae3b880c31875675106b4e Author: Emil Lundberg <emil@emlun.se> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge pull request #850 from w3c/issue-845-u2f-signature Add note about verifying U2F assertion signatures Commit: c22b1ac49d3cbb4ba1902272ae5470bc2292ea55 https://github.com/w3c/webauthn/commit/c22b1ac49d3cbb4ba1902272ae5470bc2292ea55 Author: Emil Lundberg <emil@emlun.se> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge pull request #849 from w3c/issue-848-rp-up-verification Fix #848: Weirdness in RP UP verification Commit: 864bc4fe0fecc9529d5a35918d3549fb1446a6e7 https://github.com/w3c/webauthn/commit/864bc4fe0fecc9529d5a35918d3549fb1446a6e7 Author: Emil Lundberg <emil@emlun.se> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge pull request #860 from w3c/issue-852-transports-description Add missing description of PublicKeyCredentialDescriptor.transports Commit: 797155e9063232cc73276c0f392dbb37aaae8c0a https://github.com/w3c/webauthn/commit/797155e9063232cc73276c0f392dbb37aaae8c0a Author: Emil Lundberg <emil@yubico.com> Date: 2018-05-02 (Wed, 02 May 2018) Changed paths: M index.bs Log Message: ----------- Merge branch 'master' into issue-151-credential-portability Compare: https://github.com/w3c/webauthn/compare/1a11551f81ed...797155e90632 **NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/ Functionality will be removed from GitHub.com on January 31st, 2019.
Received on Wednesday, 2 May 2018 12:04:50 UTC