public-webauthn@w3.org from January 2019 by author

=JeffH via GitHub

• Re: [webauthn] Add notion of forbidding resident credential creation (#1149) (Wednesday, 30 January)
• [webauthn] Add notion of forbidding resident credential creation (#1149) (Tuesday, 29 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Tuesday, 29 January)
• Re: [webauthn] add notion of "enterprise" attestation (#1147) (Friday, 25 January)
• [webauthn] add notion of "enterprise" attestation (#1147) (Thursday, 24 January)
• [webauthn] new commits pushed by equalsJeffH (Wednesday, 23 January)
• Re: [webauthn] undefined terms and terms we really ought to define (#462) (Tuesday, 22 January)
• [webauthn] update editor's draft to link to newly published Prop Rec (#1138) (Thursday, 17 January)
• [webauthn] update @equalJeffH's affiliation (#1137) (Thursday, 17 January)
• [webauthn] add explanatory note to step 3 in authenticatorMakeCredential Operation (#1133) (Wednesday, 16 January)

Ackermann Yuriy via GitHub

• Re: [webauthn] Lack of support for modern ECC (#1124) (Wednesday, 23 January)
• Re: [webauthn] Add None attestation case to RP ops registration step 16 (#1145) (Wednesday, 23 January)
• Re: [webauthn] Fix android-safetynet trust path (#1142) (Wednesday, 23 January)
• Re: [webauthn] Recommend minimal basic attestation batches (#1141) (Friday, 18 January)
• Re: [webauthn] Redirected Icon Validation (#1139) (Friday, 18 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Thursday, 17 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Wednesday, 16 January)
• Re: [webauthn] Lack of support for modern ECC (#1124) (Wednesday, 16 January)
• Re: [webauthn] Use RFC2119 for defined extensions (#1134) (Wednesday, 16 January)
• Re: [webauthn] SafetyNet Attestation Clarifications (#968) (Wednesday, 16 January)
• Re: [webauthn] Indicate resident key credential "preferred" during registration and find out what the authenticator offered (#991) (Wednesday, 16 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Wednesday, 16 January)
• Re: [webauthn] Add "Webauthn Authenticator" definition alias (#1130) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO Authenticators (#1128) (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO Authenticators (#1128) (Friday, 11 January)
• [webauthn] Closed Pull Request: Replaced WebAuthn authenticator with FIDO2 authenticator (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO2 Authenticators (#1128) (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO2 Authenticators (#1128) (Friday, 11 January)
• [webauthn] Pull Request: Replaced WebAuthn authenticator with FIDO2 authenticator (Friday, 11 January)
• [webauthn] There is no such thing as WebAuthn Authenticators (#1128) (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)

Adam Langley via GitHub

• Re: [webauthn] Add None attestation case to RP ops registration step 16 (#1145) (Wednesday, 23 January)
• Re: [webauthn] Fix android-safetynet trust path (#1142) (Wednesday, 23 January)
• Re: [webauthn] Recommend minimal basic attestation batches (#1141) (Wednesday, 23 January)
• [webauthn] Maybe upgrade user handle PII prohibition to a MUST (#1146) (Friday, 18 January)
• Re: [webauthn] Redirected Icon Validation (#1139) (Thursday, 17 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)

Akshay Kumar

• RE: web-platform-tests results (Thursday, 10 January)

Akshay Kumar via GitHub

• Closed: [webauthn] Redirected Icon Validation (#1139) (Friday, 18 January)
• Re: [webauthn] Redirected Icon Validation (#1139) (Friday, 18 January)
• Re: [webauthn] Redirected Icon Validation (#1139) (Thursday, 17 January)
• Re: [webauthn] Redirected Icon Validation (#1139) (Thursday, 17 January)
• [webauthn] Redirected Icon Validation (#1139) (Thursday, 17 January)
• Closed: [webauthn] SafetyNet response as an extension (#1011) (Wednesday, 16 January)
• Re: [webauthn] Propose SafetyNet as an extension (#1010) (Wednesday, 16 January)
• [webauthn] Closed Pull Request: Propose SafetyNet as an extension (Wednesday, 16 January)
• Re: [webauthn] Propose SafetyNet as an extension (#1010) (Wednesday, 16 January)

Anthony Nadalin

• Proposed Face to Face WebAuthn WG level 2 Kickoff (Wednesday, 30 January)
• 01/23/2019 W3C Web Authentication WG Meeting Agenda (Tuesday, 22 January)
• Re: WebAuthn is a Proposed Recommendation (Thursday, 17 January)
• 01/16/2019 W3C Web Authentication WG Meeting Agenda (Tuesday, 15 January)
• 01/09/2019 W3C Web Authentication WG Meeting Agenda (Wednesday, 9 January)
• 01/02/2019 W3C Web Authentication WG Meeting Agenda - CANCELLED (Tuesday, 1 January)

Anthony Nadalin via GitHub

• Closed: [webauthn] Document wide review (#106) (Wednesday, 9 January)

Arnar Birgisson via GitHub

• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Thursday, 17 January)

Benjamin VanderSloot via GitHub

• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Thursday, 31 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)

Coralie Mercier

• Upcoming press activity opportunities open to W3C Members (Tuesday, 29 January)

David Waite via GitHub

• Re: [webauthn] Add notion of forbidding resident credential creation (#1149) (Thursday, 31 January)

Emil Lundberg

• Re: [webauthn] add notion of "enterprise" attestation (#1147) (Monday, 28 January)

Emil Lundberg via GitHub

• Re: [webauthn] Add notion of forbidding resident credential creation (#1149) (Thursday, 31 January)
• Re: [webauthn] Add notion of forbidding resident credential creation (#1149) (Thursday, 31 January)
• Re: [webauthn] add notion of "enterprise" attestation (#1147) (Monday, 28 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Monday, 28 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Friday, 25 January)
• Re: [webauthn] add notion of "enterprise" attestation (#1147) (Friday, 25 January)
• Re: [webauthn] Make appid extension always return true (#1144) (Wednesday, 23 January)
• Re: [webauthn] Make appid extension always return true (#1144) (Wednesday, 23 January)
• Re: [webauthn] Propose extension: Delegation of Authentication (#1125) (Wednesday, 23 January)
• [webauthn] Pull Request: Add None attestation case to RP ops registration step 16 (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• [webauthn] Pull Request: Make appid extension always return true (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• [webauthn] Pull Request: Determine appid extension output after authenticator returns (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• Re: [webauthn] spec is missing baseline posture that credential source is bound to a particular authenticator (#1122) (Friday, 18 January)
• [webauthn] Pull Request: Fix android-safetynet trust path (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• Re: [webauthn] Recommend minimal basic attestation batches (#1141) (Friday, 18 January)
• [webauthn] Pull Request: Recommend minimal basic attestation batches (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• [webauthn] Pull Request: Let requireUserPresence always be true in authenticator operations (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• [webauthn] new commits pushed by emlun (Friday, 18 January)
• [webauthn] RP ops registration step 16 is missing a case for None attestation (#1136) (Thursday, 17 January)
• Re: [webauthn] Refer android-safetynet verification to SafetyNet documentation? (#1135) (Thursday, 17 January)
• [webauthn] Refer android-safetynet verification to SafetyNet documentation? (#1135) (Thursday, 17 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Thursday, 17 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Thursday, 17 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Thursday, 17 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)
• Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954) (Wednesday, 16 January)
• [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Tuesday, 15 January)
• Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954) (Monday, 14 January)
• [webauthn] Pull Request: Add examples of authenticator types to Authenticator definition (Friday, 11 January)
• [webauthn] new commits pushed by emlun (Friday, 11 January)
• [webauthn] new commits pushed by emlun (Friday, 11 January)
• [webauthn] Pull Request: Add "Webauthn Authenticator" definition alias (Friday, 11 January)
• [webauthn] new commits pushed by emlun (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO Authenticators (#1128) (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO2 Authenticators (#1128) (Friday, 11 January)
• Re: [webauthn] WebAuthn Authenticators are FIDO2 Authenticators (#1128) (Friday, 11 January)
• [webauthn] new commits pushed by emlun (Wednesday, 9 January)
• Re: [webauthn] Leap of Faith not only for Self and None Attestation Types (#1088) (Wednesday, 9 January)
• Re: [webauthn] Rewrite security consideration on attestation and MitM attacks (#1095) (Wednesday, 9 January)

GitHub

• [w3c/webauthn] (Wednesday, 23 January)
• [w3c/webauthn] (Friday, 18 January)
• [w3c/webauthn] 109165: Add None attestation case to RP ops registration s... (Friday, 18 January)
• [w3c/webauthn] 20f027: Make appid extension always return true (Friday, 18 January)
• [w3c/webauthn] 776b7b: Determine appid extension output after authenticat... (Friday, 18 January)
• [w3c/webauthn] e09147: Fix android-safetynet trust path (Friday, 18 January)
• [w3c/webauthn] a81b7e: Recommend minimal basic attestation batches (Friday, 18 January)
• [w3c/webauthn] d9de12: Let requireUserPresence always be true in authenti... (Friday, 18 January)
• [w3c/webauthn] 08a088: Let requireUserPresence always be true in authenti... (Friday, 18 January)
• [w3c/webauthn] dfecb2: Built by Travis-CI: c610a95ac555ea86bb8eb52640b947... (Wednesday, 16 January)
• [w3c/webauthn] b42d87: Built by Travis-CI: c610a95ac555ea86bb8eb52640b947... (Wednesday, 16 January)
• [w3c/webauthn] c610a9: Use RFC2119 for defined extensions (#1134) (Wednesday, 16 January)
• [w3c/webauthn] d97d2e: Use RFC2119 for defined extensions (Wednesday, 16 January)
• [w3c/webauthn] f32a8e: Use RFC2119 for defined extensions (Wednesday, 16 January)

Gorka Lerchundi Osa via GitHub

• Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954) (Sunday, 13 January)

J.C. Jones via GitHub

• [webauthn] Merged Pull Request: In safetynet attestation "nonce" is base64, not base64url (Wednesday, 9 January)
• [webauthn] new commits pushed by jcjones (Wednesday, 9 January)
• Re: [webauthn] spec is missing baseline posture that credential source is bound to a particular authenticator (#1122) (Wednesday, 9 January)
• Re: [webauthn] Note that appid should be set to the previously used AppID (#1118) (Wednesday, 9 January)
• [webauthn] Merged Pull Request: Fix typo in credential registration steps (Wednesday, 9 January)
• [webauthn] new commits pushed by jcjones (Wednesday, 9 January)
• [webauthn] Merged Pull Request: Singularize a "Relying Parties'" to "Relying Party's" (Wednesday, 9 January)
• [webauthn] new commits pushed by jcjones (Wednesday, 9 January)

Jeff Hodges

• Re: [webauthn] add notion of "enterprise" attestation (#1147) (Monday, 28 January)
• Tagged the Proposed Rec commit in master branch (was: [w3c/webauthn] (Wednesday, 23 January)
• Re: WebAuthn and Credential Management (Thursday, 17 January)
• Re: WebAuthn and Credential Management (Thursday, 17 January)
• Re: WebAuthn and Credential Management (Thursday, 17 January)

Ki-Eun Shin via GitHub

• Re: [webauthn] Add notion of forbidding resident credential creation (#1149) (Thursday, 31 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Friday, 18 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Thursday, 17 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] No way to verify requireResidentKey during registration step at RP side (#1060) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)
• Re: [webauthn] Is android-safetynet attestation trust path limited to one cert? (#1132) (Wednesday, 16 January)

Mike Jones via GitHub

• Re: [webauthn] Make appid extension always return true (#1144) (Wednesday, 23 January)
• [webauthn] Merged Pull Request: Use RFC2119 for defined extensions (Wednesday, 16 January)
• [webauthn] new commits pushed by selfissued (Wednesday, 16 January)
• [webauthn] new commits pushed by selfissued (Wednesday, 9 January)
• [webauthn] Merged Pull Request: Clarify user identification in RP assertion verification operation (Wednesday, 9 January)
• Closed: [webauthn] Clarify which user to authenticate if userHandle is not present (#1078) (Wednesday, 9 January)

Mike West

• Re: WebAuthn and Credential Management (Wednesday, 16 January)

Philippe Le Hegaret via GitHub

• [webauthn] Pull Request: Use RFC2119 for defined extensions (Wednesday, 16 January)
• [webauthn] new commits pushed by plehegar (Wednesday, 16 January)
• [webauthn] new commits pushed by plehegar (Wednesday, 16 January)

Philippe Le Hégaret

• Re: WebAuthn and Credential Management (Thursday, 17 January)
• WebAuthn is a Proposed Recommendation (Thursday, 17 January)
• Re: WebAuthn and Credential Management (Thursday, 17 January)
• WebAuthn and Credential Management (Monday, 14 January)
• Re: Transition Request: Web Authentication to Proposed Recommendation (Friday, 11 January)

Roland Atoui via GitHub

• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)

Rolf Lindemann via GitHub

• Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127) (Friday, 11 January)

Tangui via GitHub

• [webauthn] TPM attestation format & EdDSA & hash alg (#1148) (Saturday, 26 January)

ToruAoyagi via GitHub

• Re: [webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954) (Wednesday, 16 January)

Vikas Tandon

• Using a smart phone as an authenticator with WebAuthn (Thursday, 17 January)

WebAuthnBot via GitHub

• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 16 January)
• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 16 January)
• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 9 January)
• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 9 January)
• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 9 January)
• [webauthn] new commits pushed by WebAuthnBot (Wednesday, 9 January)

Last message date: Thursday, 31 January 2019 16:40:48 UTC