"PR" milestone -> "PropRec" ?
05/02/2018 W3C Web Authentication WG Meeting Agenda
05/09/2018 W3C Web Authentication WG Meeting Agenda
05/16/2018 W3C Web Authentication WG Meeting Agenda
05/30/2018 W3C Web Authentication WG Meeting Agenda
[w3c/webauthn]
- GitHub (Wednesday, 30 May)
- GitHub (Wednesday, 30 May)
- GitHub (Wednesday, 9 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Wednesday, 2 May)
- GitHub (Tuesday, 1 May)
- GitHub (Tuesday, 1 May)
- GitHub (Tuesday, 1 May)
[w3c/webauthn] 0b3e93: Address @selfissued's review comments
[w3c/webauthn] 0bc2ee: Extract cross-spec ref for RFC8152 Secion 7
[w3c/webauthn] 10e12d: Document prevention of attacks on privacy
[w3c/webauthn] 164bce: Add section headings to [[FIDO-Registry]] referenc...
[w3c/webauthn] 21264d: Built by Travis-CI: 96bc24a1ffcd71508e08f20e56c45a...
[w3c/webauthn] 241a56: UVI modification with CDDL
[w3c/webauthn] 258234: Remove (probably) outdated inline issue 2:
[w3c/webauthn] 26275b: Fix issue #405
[w3c/webauthn] 2af3b6: Built by Travis-CI: 454985fd9477b1c4241cf8f8333ef3...
[w3c/webauthn] 2b0e84: Built by Travis-CI: aabeeaf52debdad98bbedc8ff9efed...
[w3c/webauthn] 33cdaf: Fix issue with |savedCredentialId| scope
[w3c/webauthn] 4d3697: Built by Travis-CI: b470728005ff9dc142722a39fc7d32...
[w3c/webauthn] 4d6991: Properly reference {{TokenBinding/id}} from {{Toke...
[w3c/webauthn] 4e19fe: Clarify the U2F Attestation format to have a singl...
[w3c/webauthn] 4f584b: "with string-valued keys" => "whose keys are strin...
[w3c/webauthn] 4f75f6: Built by Travis-CI: 1c3dd46e4952b15892a6ebfc4387c8...
[w3c/webauthn] 52d4b6: Built by Travis-CI: 92142acd0359d1d82fc7420b2704d0...
[w3c/webauthn] 56a031: Built by Travis-CI: 848659eb2d3c115ad22883eb2dd70c...
[w3c/webauthn] 59acf1: Use consistent formatting for "true" in prose
[w3c/webauthn] 5b026a: Fix #848: Weirdness in RP UP verification
[w3c/webauthn] 5d9598: Built by Travis-CI: c880ab937f69bc5cad48d3dd784068...
[w3c/webauthn] 5e08a1: Update index.bs
[w3c/webauthn] 60a02f: Built by Travis-CI: c22b1ac49d3cbb4ba1902272ae5470...
[w3c/webauthn] 632041: Add note about verifying U2F assertion signatures
[w3c/webauthn] 68d8cb: Fix reference to U2F user public key format
[w3c/webauthn] 69cdf7: Fix dfn block formatting for AuthenticatorTranspor...
[w3c/webauthn] 6a83ec: Reference §14.4 in §14.2
[w3c/webauthn] 6e4480: Add an “internal” AuthenticatorTransport.
[w3c/webauthn] 73ec34: Fix urlPrefix of FIDO-APPID anchors to agree with ...
[w3c/webauthn] 7451b2: draft-jones-webauthn-cose-algorithms-01 (#895)
[w3c/webauthn] 80e6df: Replace [[FIDOReg]] with [[FIDO-Registry]]
[w3c/webauthn] 828b5b: Add list of benefits RP gains from the spec
[w3c/webauthn] 8d2a10: Built by Travis-CI: bcd08c6641e8ff3bb43b5ba8c23b0d...
[w3c/webauthn] 8e004d: Reference [[FIDO-Registry]] for raw EC public key ...
[w3c/webauthn] 96bc24: Use |authData| in both RP operations (#892)
[w3c/webauthn] 9cc342: non- -> non-null
[w3c/webauthn] a43d17: Update more FIDO references
[w3c/webauthn] b3aa41: Track initial COSE algorithm registrations made fo...
[w3c/webauthn] b47072: Fixed incorrect field size that makes all letters ...
[w3c/webauthn] b7149f: Include an AuthenticatorTransport when creating a ...
[w3c/webauthn] bc6dcf: Add @agl's commas
[w3c/webauthn] bc8052: Address @equalsJeffH's review comments
[w3c/webauthn] bf31d8: Replace |aData| and |adata| with |authData|
[w3c/webauthn] c0f521: Built by Travis-CI: 7451b28a2464c6b4a6c4d2b01163b8...
[w3c/webauthn] c24321: Create draft-jones-webauthn-secp256k1 to register ...
[w3c/webauthn] c27e63: Built by Travis-CI: c24321f2eb778e880de14b463c5887...
[w3c/webauthn] c880ab: non- -> non-null (#890)
[w3c/webauthn] ce1f43: Built by Travis-CI: b8e3f6429690a575a446a7242a567e...
[w3c/webauthn] d6c63e: Built by Travis-CI: b3aa419a452cf73110885874e7c755...
[w3c/webauthn] e2c124: Add missing description of PublicKeyCredentialDesc...
[w3c/webauthn] e36ee7: Clarify that authentication use case example requi...
[w3c/webauthn] e8cee9: Built by Travis-CI: 2c6faa8cad963a9dd2eacbb19022cd...
[w3c/webauthn] ee7138: Built by Travis-CI: 4f584b82eb9f513efabc1fd317c651...
[w3c/webauthn] f4575a: Address @equalsJeffH's review comment
[w3c/webauthn] f55c4c: Remove mention of a timeout for isUserVerifyingPla...
[w3c/webauthn] fcea98: Built by Travis-CI: 864bc4fe0fecc9529d5a35918d3549...
[webauthn] Add an “internal” AuthenticatorTransport.
[webauthn] Add clearer definition of API use cases to the spec
[webauthn] Add example of new device enrollment via roaming authenticator
[webauthn] Add missing description of PublicKeyCredentialDescriptor.transports
[webauthn] Add note about verifying U2F assertion signatures
[webauthn] Add registration/authentication extensions for cloud-assisted BLE
[webauthn] Add RP conformance section on ignoring attestation
[webauthn] Add two abort paths for getting an assertion
[webauthn] Adopt consistent formatting for Boolean values
[webauthn] Adopt definition list markdown notation for dfn blocks
[webauthn] Allow clients to stop the `get` flow when certain conditions are met
[webauthn] Ask for tests for normative changes in CONTRIBUTING.md
[webauthn] Candidate recommendation exit criteria
[webauthn] cccccchvcjfnifurecklfftifkidhcuhdnrtgrrrfciv
[webauthn] Change "with string-valued keys" to "whose keys are strings"
[webauthn] choose consistent section id prefix
[webauthn] Clarify that authentication use case example requires pairing the phone first
[webauthn] Clarify the U2F Attestation format to have a single certificate
[webauthn] Clarify U2F attestation verification instructions
[webauthn] Client-generated challenges
[webauthn] cognitive-accessibility consideration
[webauthn] Create draft-jones-webauthn-secp256k1 to register secp256k1 curve and algorithm identifiers
[webauthn] CTAP-speaking authenticators use integer-valued CBOR map keys
[webauthn] Delete per RP ID Signature counters
[webauthn] Document prevention of attacks on privacy
[webauthn] document preventions of RP-driven de-anonymization attempts in privacy-cons
[webauthn] Eliminate duplicate terminology
[webauthn] Eliminate the “not-supported” option for tokenBinding.status
[webauthn] Ensure hard-coded step references in RP ops are correct
[webauthn] Feature-Identifier value for WebAuthn?
[webauthn] Finish up hot-plugging algorithm language
[webauthn] Fix #593 - Refer to RFC 8266 for RP-controlled UI strings
- Peter Saint-Andre via GitHub (Thursday, 10 May)
- Emil Lundberg via GitHub (Thursday, 10 May)
- Addison Phillips via GitHub (Thursday, 10 May)
- Emil Lundberg via GitHub (Thursday, 10 May)
- Peter Saint-Andre via GitHub (Thursday, 10 May)
- Peter Saint-Andre via GitHub (Wednesday, 9 May)
- Peter Saint-Andre via GitHub (Wednesday, 9 May)
- J.C. Jones via GitHub (Wednesday, 9 May)
- Akshay Kumar via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- =JeffH via GitHub (Tuesday, 1 May)
[webauthn] Fix #848: Weirdness in RP UP verification
[webauthn] Fix formatting of Boolean values and type name
[webauthn] Fixed example with incorrect allowCredential. Improved existing examples
[webauthn] Fixed incorrect field size that makes all letters to overlap each other
[webauthn] How can i use biometric sensor auth
[webauthn] Include an AuthenticatorTransport when creating a new credential.
- Adam Langley via GitHub (Thursday, 10 May)
- Mike Jones via GitHub (Wednesday, 9 May)
- Akshay Kumar via GitHub (Friday, 4 May)
- =JeffH via GitHub (Friday, 4 May)
- Akshay Kumar via GitHub (Friday, 4 May)
- Emil Lundberg via GitHub (Friday, 4 May)
- Akshay Kumar via GitHub (Friday, 4 May)
- Emil Lundberg via GitHub (Friday, 4 May)
- =JeffH via GitHub (Thursday, 3 May)
- =JeffH via GitHub (Thursday, 3 May)
- Emil Lundberg via GitHub (Thursday, 3 May)
- Anthony Nadalin via GitHub (Wednesday, 2 May)
- Christiaan Brand via GitHub (Wednesday, 2 May)
- Adam Langley via GitHub (Wednesday, 2 May)
- =JeffH via GitHub (Wednesday, 2 May)
- Christiaan Brand via GitHub (Wednesday, 2 May)
- Adam Langley via GitHub (Wednesday, 2 May)
- Akshay Kumar via GitHub (Wednesday, 2 May)
- Adam Langley via GitHub (Wednesday, 2 May)
- Akshay Kumar via GitHub (Wednesday, 2 May)
- Akshay Kumar via GitHub (Tuesday, 1 May)
- Akshay Kumar via GitHub (Tuesday, 1 May)
- =JeffH via GitHub (Tuesday, 1 May)
- Adam Langley via GitHub (Tuesday, 1 May)
- =JeffH via GitHub (Tuesday, 1 May)
[webauthn] isUserVerifyingPlatformAuthenticatorAvailable() timeout really 10 minutes?
- kpaulh via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- =JeffH via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Thursday, 10 May)
- Christiaan Brand via GitHub (Wednesday, 9 May)
- Anthony Nadalin via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Monday, 7 May)
- Akshay Kumar via GitHub (Friday, 4 May)
- =JeffH via GitHub (Friday, 4 May)
- Emil Lundberg via GitHub (Friday, 4 May)
- Christiaan Brand via GitHub (Wednesday, 2 May)
[webauthn] Location extension description is inconsistent with processing
[webauthn] Meaning of missing tokenBinding in ClientCollectedData?
- =JeffH via GitHub (Thursday, 31 May)
- Adam Langley via GitHub (Wednesday, 16 May)
- J.C. Jones via GitHub (Wednesday, 16 May)
- Mike Jones via GitHub (Wednesday, 16 May)
- kpaulh via GitHub (Wednesday, 16 May)
- Emil Lundberg via GitHub (Tuesday, 15 May)
- David Waite via GitHub (Tuesday, 15 May)
- Adam Langley via GitHub (Tuesday, 15 May)
- kpaulh via GitHub (Tuesday, 15 May)
- Arnar Birgisson via GitHub (Tuesday, 15 May)
- Emil Lundberg via GitHub (Tuesday, 15 May)
- David Waite via GitHub (Sunday, 13 May)
[webauthn] Merged Pull Request: Add an “internal” AuthenticatorTransport.
[webauthn] Merged Pull Request: Add missing description of PublicKeyCredentialDescriptor.transports
[webauthn] Merged Pull Request: Add note about verifying U2F assertion signatures
[webauthn] Merged Pull Request: Add RP conformance section on ignoring attestation
[webauthn] Merged Pull Request: Change "with string-valued keys" to "whose keys are strings"
[webauthn] Merged Pull Request: Clarify that authentication use case example requires pairing the phone first
[webauthn] Merged Pull Request: Clarify the U2F Attestation format to have a single certificate
[webauthn] Merged Pull Request: Clarify U2F attestation verification instructions
[webauthn] Merged Pull Request: Clean up cross-spec refs in PR #861
[webauthn] Merged Pull Request: Create draft-jones-webauthn-secp256k1 to register secp256k1 curve and algorithm identifiers
[webauthn] Merged Pull Request: draft-jones-webauthn-cose-algorithms-01
[webauthn] Merged Pull Request: Fix #848: Weirdness in RP UP verification
[webauthn] Merged Pull Request: Fix formatting of Boolean values and type name
[webauthn] Merged Pull Request: fix non-`null` breakage by using plain "non-null"
[webauthn] Merged Pull Request: Fixed incorrect field size that makes all letters to overlap each other
[webauthn] Merged Pull Request: Modify Location Extension description
[webauthn] Merged Pull Request: Reference [[FIDO-Registry]] for raw EC public key format
[webauthn] Merged Pull Request: Replace [[FIDOReg]] with [[FIDO-Registry]]
[webauthn] Merged Pull Request: Track initial COSE algorithm registrations made for WebAuthn
[webauthn] Merged Pull Request: Update FIDO references to newer documents
[webauthn] Merged Pull Request: Use |authData| in both RP operations
[webauthn] Move {#sample-scenarios} (currently Section 10) to the top of the doc
[webauthn] new commits pushed by agl
[webauthn] new commits pushed by emlun
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Wednesday, 30 May)
- Emil Lundberg via GitHub (Tuesday, 29 May)
- Emil Lundberg via GitHub (Wednesday, 16 May)
- Emil Lundberg via GitHub (Wednesday, 16 May)
- Emil Lundberg via GitHub (Wednesday, 16 May)
- Emil Lundberg via GitHub (Tuesday, 15 May)
- Emil Lundberg via GitHub (Tuesday, 15 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Wednesday, 9 May)
- Emil Lundberg via GitHub (Friday, 4 May)
- Emil Lundberg via GitHub (Friday, 4 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Wednesday, 2 May)
- Emil Lundberg via GitHub (Tuesday, 1 May)
[webauthn] new commits pushed by equalsJeffH
[webauthn] new commits pushed by gmandyam
[webauthn] new commits pushed by selfissued
[webauthn] new commits pushed by WebAuthnBot
- WebAuthnBot via GitHub (Thursday, 31 May)
- WebAuthnBot via GitHub (Wednesday, 30 May)
- WebAuthnBot via GitHub (Wednesday, 30 May)
- WebAuthnBot via GitHub (Wednesday, 30 May)
- WebAuthnBot via GitHub (Wednesday, 9 May)
- WebAuthnBot via GitHub (Friday, 4 May)
- WebAuthnBot via GitHub (Thursday, 3 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Wednesday, 2 May)
- WebAuthnBot via GitHub (Tuesday, 1 May)
[webauthn] Platform authenticators and key stores
[webauthn] Possibility of client-only implementation of authenticator extensions?
[webauthn] Pre-registration discovery for roaming authenticators
[webauthn] Privacy section may wish to discuss recommended user-agent responses to leaks
[webauthn] Propose procedure for adding to attestation/extension registry
[webauthn] Pull Request: Add an “internal” AuthenticatorTransport.
[webauthn] Pull Request: Add registration/authentication extensions for cloud-assisted BLE
[webauthn] Pull Request: Add two abort paths for getting an assertion
[webauthn] Pull Request: Adopt definition list markdown notation for dfn blocks
[webauthn] Pull Request: Create draft-jones-webauthn-secp256k1 to register secp256k1 curve and algorithm identifiers
[webauthn] Pull Request: Document prevention of attacks on privacy
[webauthn] Pull Request: draft-jones-webauthn-cose-algorithms-01
[webauthn] Pull Request: Eliminate the “not-supported” option for tokenBinding.status
[webauthn] Pull Request: Finish up hot-plugging algorithm language
[webauthn] Pull Request: Fix formatting of Boolean values and type name
[webauthn] Pull Request: fix non-`null` breakage by using plain "non-null"
[webauthn] Pull Request: Modify Location Extension description
[webauthn] Pull Request: Reference [[FIDO-Registry]] for raw EC public key format
[webauthn] Pull Request: Remove (probably) outdated inline issue 2
[webauthn] Pull Request: Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
[webauthn] Pull Request: Replace [[FIDOReg]] with [[FIDO-Registry]]
[webauthn] Pull Request: Track initial COSE algorithm registrations made for WebAuthn
[webauthn] Pull Request: Trim unnecessary step from appId extension
[webauthn] Pull Request: Update FIDO references to newer documents
[webauthn] Pull Request: Use |authData| in both RP operations
[webauthn] Recommend that RPs store the signature algorithm?
[webauthn] Reference [[FIDO-Registry]] for raw EC public key format
[webauthn] Reference FIDO Registry for raw EC public key format when spec is stable?
[webauthn] Remove (probably) outdated inline issue 2
[webauthn] Remove mention of a timeout for isUserVerifyingPlatformAuthenticatorAvailable
[webauthn] Replace [[FIDOReg]] with [[FIDO-Registry]]
[webauthn] Replace [[FIDOReg]] with [[FIDO-Registry]]?
[webauthn] Review of WD08
[webauthn] Serialise a number
[webauthn] some RPs may wish to allow multiple registrations to same user account
[webauthn] Tighten security scope by port
[webauthn] Trim unnecessary step from appId extension
[webauthn] undefined terms
[webauthn] undefined terms and terms we really ought to define
[webauthn] Update FIDO references to newer documents
[webauthn] update FIDO spec references to link to latest revisions
[webauthn] Use |authData| in both RP operations
[webauthn] Webauthn for proxy authentication
[webauthn] Windows Hello support
Closed: [webauthn] Adopt consistent formatting for Boolean values
Closed: [webauthn] Assertion signature verification procedure defined in Section 7.2 doesn't fit for the signature generated by FIDO-U2F token.
Closed: [webauthn] cccccchvcjfnifurecklfftifkidhcuhdnrtgrrrfciv
Closed: [webauthn] Clarify examples: 1.1.1. Registration / 1.1.2. Authentication
Closed: [webauthn] Clarify U2F attestation verification
Closed: [webauthn] cleanup: interstital blank line
Closed: [webauthn] Client-generated challenges
Closed: [webauthn] Description of CollectedClientData is outdated
Closed: [webauthn] How can i use biometric sensor auth
Closed: [webauthn] Location extension description is inconsistent with processing
Closed: [webauthn] Missing 'transports' description
Closed: [webauthn] Move {#sample-scenarios} (currently Section 10) to the top of the doc
Closed: [webauthn] Possibility of client-only implementation of authenticator extensions?
Closed: [webauthn] Privacy section may wish to discuss recommended user-agent responses to leaks
Closed: [webauthn] Propose procedure for adding to attestation/extension registry
Closed: [webauthn] Recommend that RPs store the signature algorithm?
Closed: [webauthn] Reference FIDO Registry for raw EC public key format
Closed: [webauthn] Replace [[FIDOReg]] with [[FIDO-Registry]]?
Closed: [webauthn] Review of WD08
Closed: [webauthn] RP guidelines should allow RP to not check attestation
Closed: [webauthn] RP UP verification instruction is weird
Closed: [webauthn] Serialise a number
Closed: [webauthn] The RS1 IANA COSE Algorithm registration doesn't match the value in the spec
Closed: [webauthn] update FIDO spec references to link to latest revisions
Closed: [webauthn] Use |authData| instead of |aData| and |adata| in RP assertion verification operation
Closed: [webauthn] Webauthn for proxy authentication
Closed: [webauthn] Windows Hello support
Extension Idea: Support for SSH and Other Arbitrary Signed Challenges
fyi: [CFP] Who are you? Adventures in Authentication Workshop 2018 - paper submission deadline: Friday, May 25, 2018
Notes from WebAuthN / Web Payments discussion
PSA: Win10 Apr 2018 update includes curl (and tar) (was: bikeshed errors in master branch latest commit 716a169
Recovering from Device Loss in WebAuthn
Relationship of Permissions, Feature Policy, Origin Policy?
Updated WebAuthn COSE Algorithms registration document
WebEx issue today
Why is uvm extension limited to max 3 values?
Last message date: Thursday, 31 May 2018 23:47:53 UTC