- From: Emil Lundberg <noreply@github.com>
- Date: Wed, 03 Apr 2019 13:42:18 -0700
- To: public-webauthn@w3.org
Branch: refs/heads/link-fixes
Home: https://github.com/w3c/webauthn
Commit: 486eb7b12fb443c4eab6ae8795d81c8f27d48710
https://github.com/w3c/webauthn/commit/486eb7b12fb443c4eab6ae8795d81c8f27d48710
Author: Emil Lundberg <emil@yubico.com>
Date: 2018-12-12 (Wed, 12 Dec 2018)
Changed paths:
M index.bs
Log Message:
-----------
Note that appid should be set to the previously used AppID
Commit: dafc308339f5e3875134ecb5d8b3dd87a9b67b26
https://github.com/w3c/webauthn/commit/dafc308339f5e3875134ecb5d8b3dd87a9b67b26
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-01-09 (Wed, 09 Jan 2019)
Changed paths:
M index.bs
Log Message:
-----------
Remove extraneous newline
Commit: a68031ae0bf89875788289bc2b537e29ede993e1
https://github.com/w3c/webauthn/commit/a68031ae0bf89875788289bc2b537e29ede993e1
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-01-11 (Fri, 11 Jan 2019)
Changed paths:
M index.bs
Log Message:
-----------
Add examples of authenticator types to Authenticator definition
Commit: d9de1254080f44244954f378828046108911afd1
https://github.com/w3c/webauthn/commit/d9de1254080f44244954f378828046108911afd1
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M index.bs
Log Message:
-----------
Let requireUserPresence always be true in authenticator operations
This fixes an oversight in commit
7f831e3c7ebf669041c6413acc8005c3efa0eb8b which causes it to be
technically allowed for the authenticator to return (UV = 1, UP = 0),
though the RP operations as currently specified would not accept such a
response.
Commit: 776b7b14d6e8f64b101db7e92318c877c588e861
https://github.com/w3c/webauthn/commit/776b7b14d6e8f64b101db7e92318c877c588e861
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M index.bs
Log Message:
-----------
Determine appid extension output after authenticator returns
This fixes the following corner case:
1. The user has a U2F authenticator A plugged in, which has been
registered via the U2F API (i.e., with AppID).
2. The user has a CTAP2 authenticator B plugged in, which has been
registered via the WebAuthn API (i.e., with RP ID).
3. The user initiates an authentication ceremony and the RP sets the
`appid` extension.
4. The client runs the above client processing and discovers that
authenticator A does not contain a credential for the RP ID, and
retries with the AppID. This succeeds, and the client sets the
extension's _output_ to `true`.
5. The client initiates authentication requests with both authenticator
A and B, which both prompt the user for consent.
6. The user confirms user consent on authenticator B, which generates an
assertion for the RP ID.
7. The client returns the assertion for the RP ID and the `appid` client
extension output set to `true`.
So it was possible for the extension output to end up being `true` even
though the RP should verify the assertion using the RP ID and not the
AppID.
Commit: 9e72ec30ca11f8b23e9f09c28daa635f4171b77b
https://github.com/w3c/webauthn/commit/9e72ec30ca11f8b23e9f09c28daa635f4171b77b
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M index.bs
Log Message:
-----------
Fix incorrect description of AuthenticatorAttachment
Fixes #1153
See https://github.com/w3c/webauthn/issues/1153
Commit: eae2c22f5bf8ba95e3c60de85bd954c5e13915ec
https://github.com/w3c/webauthn/commit/eae2c22f5bf8ba95e3c60de85bd954c5e13915ec
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M index.bs
Log Message:
-----------
Move AuthenticatorAttachment description to before IDL definition
For consistency with other IDL definition sections.
Commit: d16d62204030f6757f8680d8362dbb261d0ae4f8
https://github.com/w3c/webauthn/commit/d16d62204030f6757f8680d8362dbb261d0ae4f8
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M index.bs
Log Message:
-----------
Remove outdated hypothetical text addition
Commit: 7bc2f0366c10e44d90390f2c8942738ff2759625
https://github.com/w3c/webauthn/commit/7bc2f0366c10e44d90390f2c8942738ff2759625
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-02-27 (Wed, 27 Feb 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1131 from w3c/issue-1128-authenticator-examples
Add examples of authenticator types to Authenticator definition
Commit: fca27b3cd5a1cbf610063193aa9e6abd7a6c5c8e
https://github.com/w3c/webauthn/commit/fca27b3cd5a1cbf610063193aa9e6abd7a6c5c8e
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-03-06 (Wed, 06 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Clarify relationship to trust path in RP registration step 16
Commit: b175880e638b2b8803c2371758c1b1f4f5463e1a
https://github.com/w3c/webauthn/commit/b175880e638b2b8803c2371758c1b1f4f5463e1a
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-03-06 (Wed, 06 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Apply clarification to ECDAA as well
Commit: 26cf7c62581ec913a06be4eb9ea94807a0468a32
https://github.com/w3c/webauthn/commit/26cf7c62581ec913a06be4eb9ea94807a0468a32
Author: J.C. Jones <james.jc.jones@gmail.com>
Date: 2019-03-07 (Thu, 07 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1140 from w3c/issue-1123-uv-up
Let requireUserPresence always be true in authenticator operations
Commit: 4de25bb480f30dbca8e83381637a5e04872484fd
https://github.com/w3c/webauthn/commit/4de25bb480f30dbca8e83381637a5e04872484fd
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-03-07 (Thu, 07 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1143 from w3c/issue-1034-appid-output-corner-case
Determine appid extension output after authenticator returns
Commit: 11126e87846c1677f6f5bf56f33086b875ea5e66
https://github.com/w3c/webauthn/commit/11126e87846c1677f6f5bf56f33086b875ea5e66
Author: Adam Langley <agl@imperialviolet.org>
Date: 2019-03-07 (Thu, 07 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1118 from w3c/appid-note
Note that appid should be set to the previously used AppID
Commit: 909b3c267babc181cdfc5d3aaf8b5033c5337703
https://github.com/w3c/webauthn/commit/909b3c267babc181cdfc5d3aaf8b5033c5337703
Author: Mike Jones <Michael.Jones@microsoft.com>
Date: 2019-03-07 (Thu, 07 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Move Angelo Liao to the Former Editors list (#1172)
Commit: 3fc3b1e8a71bf3a9962e7257ffcc0789dcfae023
https://github.com/w3c/webauthn/commit/3fc3b1e8a71bf3a9962e7257ffcc0789dcfae023
Author: =JeffH <jdhodges@google.com>
Date: 2019-03-11 (Mon, 11 Mar 2019)
Changed paths:
M draft-hodges-webauthn-registries.html
M draft-hodges-webauthn-registries.txt
M draft-hodges-webauthn-registries.xml
Log Message:
-----------
update registries draft per issue #1176 (#1177)
* this is rev -02 of this Internet-Draft:
* update JeffH's affiliation
* add registry initialization instructions, update WebAuthn spec citation
* fixing up various things, add doc history entry
* provide erefs to dfns for attstn stmt fmt and extns idents, thx Giri!
Commit: 88695f49408f27b0da57fcdcafa737f6d53cf5f3
https://github.com/w3c/webauthn/commit/88695f49408f27b0da57fcdcafa737f6d53cf5f3
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-03-12 (Tue, 12 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Allow authenticators to do None instead of Self attestation
See issue #978
https://github.com/w3c/webauthn/issues/978
Commit: ce2b94710b78395a8d8ba55ae94d9904b1741067
https://github.com/w3c/webauthn/commit/ce2b94710b78395a8d8ba55ae94d9904b1741067
Author: =JeffH <jdhodges@google.com>
Date: 2019-03-12 (Tue, 12 Mar 2019)
Changed paths:
M draft-hodges-webauthn-registries.html
M draft-hodges-webauthn-registries.txt
M draft-hodges-webauthn-registries.xml
Log Message:
-----------
fixup registries internet-draft's abstract (#1181)
* update JeffH's affiliation
* add registry initialization instructions, update WebAuthn spec citation
* fixing up various things, add doc history entry
* provide erefs to dfns for attstn stmt fmt and extns idents, thx Giri!
* this is rev -02
* fix abstract
* fix various editorial items
* regen .html & .txt files from .xml
Commit: 5fd36c6c8c180631c6b93192bd65190533aa61a5
https://github.com/w3c/webauthn/commit/5fd36c6c8c180631c6b93192bd65190533aa61a5
Author: Adam Langley <agl@chromium.org>
Date: 2019-03-18 (Mon, 18 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Change prohibitions on PII in user handles to MUST.
Fixes #1146
Commit: 66515ffaf9d5d4cfcc2e882d1852434f4f333f8a
https://github.com/w3c/webauthn/commit/66515ffaf9d5d4cfcc2e882d1852434f4f333f8a
Author: Alexei Czeskis <alexei@czeskis.com>
Date: 2019-03-20 (Wed, 20 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Update SafetyNet attestation description (#1170)
* Update SafetyNet attestation description
Use official SafetyNet documentation as a reference rather than trying to keep this text up to date.
Also update links to documentation
* Clarify "ver" in safetynet
Explain what do to do with "ver" during verification
* Fix typo
* fix more typoos
* typo fix
* Updated wording around 'ver'
Commit: 7c793d2e0355b245d184a0de172fda197e0292dd
https://github.com/w3c/webauthn/commit/7c793d2e0355b245d184a0de172fda197e0292dd
Author: Adam Langley <agl@imperialviolet.org>
Date: 2019-03-20 (Wed, 20 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1185 from agl/issue1146
Change prohibitions on PII in user handles to MUST.
Commit: 8678b43688f4f2fda83bb69586011a800160fadc
https://github.com/w3c/webauthn/commit/8678b43688f4f2fda83bb69586011a800160fadc
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-03-20 (Wed, 20 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1168 from w3c/issue-1167-clarify-trust-path
Clarify relationship to trust path in RP registration step 16
Commit: 982edc7d668ed86979179dc4bcb2a0a3a1f6ef84
https://github.com/w3c/webauthn/commit/982edc7d668ed86979179dc4bcb2a0a3a1f6ef84
Author: Julian Tescher <jatescher@gmail.com>
Date: 2019-03-24 (Sun, 24 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Fix typo in Authentication example
Commit: 882985377ab4b3daf3d4960bab45a8cae624fd25
https://github.com/w3c/webauthn/commit/882985377ab4b3daf3d4960bab45a8cae624fd25
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-03-28 (Thu, 28 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1159 from w3c/issue-1153-authenticatorattachment-description
Fix incorrect AuthenticatorAttachment description
Commit: 871a1af48961938deeb3105a3af9ba300482579b
https://github.com/w3c/webauthn/commit/871a1af48961938deeb3105a3af9ba300482579b
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-03-28 (Thu, 28 Mar 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1190 from jtescher/patch-1
Fix typo in Authentication example
Commit: d76ddf59892c12087b18399b89bb95685671fd70
https://github.com/w3c/webauthn/commit/d76ddf59892c12087b18399b89bb95685671fd70
Author: Emil Lundberg <emil@emlun.se>
Date: 2019-04-03 (Wed, 03 Apr 2019)
Changed paths:
M index.bs
Log Message:
-----------
Merge pull request #1182 from w3c/issue-978-self-attestation-not-required
Allow authenticators to do None instead of Self attestation
Commit: 703f495f5ff8093ed4015d2fa9bce02fbd41abec
https://github.com/w3c/webauthn/commit/703f495f5ff8093ed4015d2fa9bce02fbd41abec
Author: Emil Lundberg <emil@yubico.com>
Date: 2019-04-03 (Wed, 03 Apr 2019)
Changed paths:
M draft-hodges-webauthn-registries.html
M draft-hodges-webauthn-registries.txt
M draft-hodges-webauthn-registries.xml
M index.bs
Log Message:
-----------
Merge branch 'master' into link-fixes
Compare: https://github.com/w3c/webauthn/compare/e02924d96d15...703f495f5ff8
Received on Wednesday, 3 April 2019 20:42:43 UTC