W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2019

[w3c/webauthn] 175d9f: Clarify user identification in RP assertion verifi...

From: Rolf Lindemann <noreply@github.com>
Date: Wed, 05 Jun 2019 04:19:31 -0700
To: public-webauthn@w3.org
Message-ID: <w3c/webauthn/push/refs/heads/pass-through-other-assertion-formats/af08ce-014bc6@github.com>
  Branch: refs/heads/pass-through-other-assertion-formats
  Home:   https://github.com/w3c/webauthn
  Commit: 175d9fc98be8d9bcc110bbe62e307ea784428cae
      https://github.com/w3c/webauthn/commit/175d9fc98be8d9bcc110bbe62e307ea784428cae

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-09-20 (Thu, 20 Sep 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify user identification in RP assertion verification operation


  Commit: 66573376668da60df4b631bd3212ccae5b85cb59
      https://github.com/w3c/webauthn/commit/66573376668da60df4b631bd3212ccae5b85cb59

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-09-25 (Tue, 25 Sep 2018)

  Changed paths:
    M images/webauthn-registration-flow-01.svg

  Log Message:
  -----------
  Fix typo in figure 1


  Commit: d0397670a6ee2a9ccd0ae926adb2eea2c5a8d215
      https://github.com/w3c/webauthn/commit/d0397670a6ee2a9ccd0ae926adb2eea2c5a8d215

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-09-25 (Tue, 25 Sep 2018)

  Changed paths:
    M images/webauthn-registration-flow-01.svg

  Log Message:
  -----------
  Move text in Figure 1 to within bounding box


  Commit: 9f1a5d348e541cfdb03422b8d169a12cedbee851
      https://github.com/w3c/webauthn/commit/9f1a5d348e541cfdb03422b8d169a12cedbee851

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-01 (Mon, 01 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use "user handle mapped to user" language in user identification step


  Commit: c19327d6f8646f16f50a19c101140f8fcc852922
      https://github.com/w3c/webauthn/commit/c19327d6f8646f16f50a19c101140f8fcc852922

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-01 (Mon, 01 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add examples of how user might be identified


  Commit: 24cd9df04448a794eb894eaa150a3b7467045eab
      https://github.com/w3c/webauthn/commit/24cd9df04448a794eb894eaa150a3b7467045eab

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-01 (Mon, 01 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix typos in get() algorithm


  Commit: 7b487ffdac3a49bb09d2900f9a3e5fc8de874746
      https://github.com/w3c/webauthn/commit/7b487ffdac3a49bb09d2900f9a3e5fc8de874746

  Author: Ackermann Yuriy <ackermann.yuriy@gmail.com>
  Date:   2018-10-03 (Wed, 03 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  In safetynet attestation "nonce" is base64, not base64url


  Commit: 0225a138b9a7bb9054de4c1b276f2403e9f7d80a
      https://github.com/w3c/webauthn/commit/0225a138b9a7bb9054de4c1b276f2403e9f7d80a

  Author: Lucas Garron <lgarron@github.com>
  Date:   2018-10-04 (Thu, 04 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add the word "OPTIONAL" to `userVerification` field to match surrounding style.

Previously, `userVerification` was the only optional field of `PublicKeyCredentialRequestOptions` that didn't include the word "OPTIONAL", which can suggest at first glance that this field is not optional like the other optional ones. Adding the word is simple, and should avoid potential confusion.


  Commit: 782c678493385ff7e91f7fa93f6346e5bba58727
      https://github.com/w3c/webauthn/commit/782c678493385ff7e91f7fa93f6346e5bba58727

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-09 (Tue, 09 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Rewrite security consideration on attestation and MitM attacks


  Commit: 3ee0abed3f75a2de9080ca441319c192911071c5
      https://github.com/w3c/webauthn/commit/3ee0abed3f75a2de9080ca441319c192911071c5

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-10 (Wed, 10 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Note that attacker can replace the whole PublicKeyCredential object


  Commit: 4e2f2d913cca4b5e27bd89d429b36a60f0e52f14
      https://github.com/w3c/webauthn/commit/4e2f2d913cca4b5e27bd89d429b36a60f0e52f14

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-10-17 (Wed, 17 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Rephrase part about higher attack difficulty with direct attestation types


  Commit: 0c513dfd6ced48656e39c5dd7b17c2e81aa5d789
      https://github.com/w3c/webauthn/commit/0c513dfd6ced48656e39c5dd7b17c2e81aa5d789

  Author: =JeffH <mobileuser@kingsmountain.com>
  Date:   2018-10-22 (Mon, 22 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  update token binding citation (#1087)

* update token binding citation

* update tokbind ref to published RFC8471


  Commit: 5643359a906fa137a2b03c74173a95cf3f7d4f08
      https://github.com/w3c/webauthn/commit/5643359a906fa137a2b03c74173a95cf3f7d4f08

  Author: =JeffH <mobileuser@kingsmountain.com>
  Date:   2018-10-22 (Mon, 22 Oct 2018)

  Changed paths:

  Log Message:
  -----------
  update token binding citation (#1087)

* update token binding citation

* update tokbind ref to published RFC8471


  Commit: ddbd15a9ad347a04b6639576974c60362787ead0
      https://github.com/w3c/webauthn/commit/ddbd15a9ad347a04b6639576974c60362787ead0

  Author: =JeffH <mobileuser@kingsmountain.com>
  Date:   2018-10-22 (Mon, 22 Oct 2018)

  Changed paths:

  Log Message:
  -----------
  update token binding citation (#1087)

* update token binding citation

* update tokbind ref to published RFC8471


  Commit: f77a1abe9a8866168b7152f97ede0eb8e53691a3
      https://github.com/w3c/webauthn/commit/f77a1abe9a8866168b7152f97ede0eb8e53691a3

  Author: =JeffH <mobileuser@kingsmountain.com>
  Date:   2018-10-22 (Mon, 22 Oct 2018)

  Changed paths:

  Log Message:
  -----------
  update token binding citation (#1087)

* update token binding citation

* update tokbind ref to published RFC8471


  Commit: bc195aad084d73e570c581b12f866caff60ec222
      https://github.com/w3c/webauthn/commit/bc195aad084d73e570c581b12f866caff60ec222

  Author: =JeffH <mobileuser@kingsmountain.com>
  Date:   2018-10-22 (Mon, 22 Oct 2018)

  Changed paths:

  Log Message:
  -----------
  update token binding citation (#1087)

* update token binding citation

* update tokbind ref to published RFC8471


  Commit: 742c773cbc20b3cafa22533916d2528ff87e1361
      https://github.com/w3c/webauthn/commit/742c773cbc20b3cafa22533916d2528ff87e1361

  Author: Wendy Seltzer <wendy@seltzer.org>
  Date:   2018-10-23 (Tue, 23 Oct 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  May->might (#1103)

https://github.com/w3c/webauthn/issues/1098



  Commit: 7afd02eac65a555f694ed3d7b7cecde51fbb104c
      https://github.com/w3c/webauthn/commit/7afd02eac65a555f694ed3d7b7cecde51fbb104c

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-11-12 (Mon, 12 Nov 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify UP and UV flags in authenticator data section


  Commit: 7b1ca9d43ac6c63fa753bd24a5446226728e21d9
      https://github.com/w3c/webauthn/commit/7b1ca9d43ac6c63fa753bd24a5446226728e21d9

  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2018-11-28 (Wed, 28 Nov 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Refine introduction to compliant authenticators (#1109)

* Refine introduction to compliant authenticators

* Link terms: Platform Authenticators, Roaming Authenticators

As suggested in
https://github.com/w3c/webauthn/pull/1109#pullrequestreview-175007665



  Commit: 44cd21e0b8049dd2ae37ba5db14f5c35b6ab7be3
      https://github.com/w3c/webauthn/commit/44cd21e0b8049dd2ae37ba5db14f5c35b6ab7be3

  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2018-11-28 (Wed, 28 Nov 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Refine FIDO Security Considerations language (#1110)


  Commit: b2b114164460351a3e9941daf973ee63c3ea7950
      https://github.com/w3c/webauthn/commit/b2b114164460351a3e9941daf973ee63c3ea7950

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2018-11-28 (Wed, 28 Nov 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1094 from lgarron/optional-userVerification

Add the word "OPTIONAL" to `userVerification` field to match surrounding style.


  Commit: 8b5bbf56617c684c17dc750fcb51488caccea965
      https://github.com/w3c/webauthn/commit/8b5bbf56617c684c17dc750fcb51488caccea965

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2018-11-28 (Wed, 28 Nov 2018)

  Changed paths:
    M images/webauthn-registration-flow-01.svg

  Log Message:
  -----------
  Merge pull request #1085 from w3c/issue-1084-figure-typo

Fix typo in Figure 1


  Commit: 8fd57e34f23f3322dcd62a4b469fbc0c24e62112
      https://github.com/w3c/webauthn/commit/8fd57e34f23f3322dcd62a4b469fbc0c24e62112

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2018-11-28 (Wed, 28 Nov 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1113 from w3c/issue-1112-clarify-uv-up-flags

Clarify UP and UV flags in authenticator data section


  Commit: 486eb7b12fb443c4eab6ae8795d81c8f27d48710
      https://github.com/w3c/webauthn/commit/486eb7b12fb443c4eab6ae8795d81c8f27d48710

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-12-12 (Wed, 12 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Note that appid should be set to the previously used AppID


  Commit: 142cb066b67d4b9dc99e07990815645461ff6c64
      https://github.com/w3c/webauthn/commit/142cb066b67d4b9dc99e07990815645461ff6c64

  Author: Nick Steele <nsteele@duosecurity.com>
  Date:   2018-12-12 (Wed, 12 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Match text for identical verification steps

When verifying the registration response, we use different text than the identical step in verifying assertion. The hash is also referred/linked as 'RP ID Hash'  in the registration step text, rather than being referred/linked as the more helpful `rpIdHash`


  Commit: 5b083f934c2a2c5989f134316245475e2777a8d3
      https://github.com/w3c/webauthn/commit/5b083f934c2a2c5989f134316245475e2777a8d3

  Author: Nick Steele <nsteele@duosecurity.com>
  Date:   2018-12-12 (Wed, 12 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix typo in credential registration steps


  Commit: 2b826ef655faac81f24e92f93f78f62606bd80cb
      https://github.com/w3c/webauthn/commit/2b826ef655faac81f24e92f93f78f62606bd80cb

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2018-12-15 (Sat, 15 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1092 from w3c/issue-1089-extensions-argument-typo

Fix typos in get() algorithm


  Commit: f332dfe3dc31c9c336789812a8715c9eca24c38b
      https://github.com/w3c/webauthn/commit/f332dfe3dc31c9c336789812a8715c9eca24c38b

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2018-12-18 (Tue, 18 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1119 from nicksteele/patch-1

Match text for identical verification steps


  Commit: b78f82a7582ed7090a3341f079df4475fa58108b
      https://github.com/w3c/webauthn/commit/b78f82a7582ed7090a3341f079df4475fa58108b

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2018-12-21 (Fri, 21 Dec 2018)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Singularize Relying Parties' to Relying Party's


  Commit: c537d1ce6c9e420496ce5fcedb21393fea621baa
      https://github.com/w3c/webauthn/commit/c537d1ce6c9e420496ce5fcedb21393fea621baa

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-01-09 (Wed, 09 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify user identification in RP assertion verification operation (#1082)

Merging per review during 9-Jan-19 call


  Commit: d0b1603b0eae2ff0168aac4127fa4611e6171942
      https://github.com/w3c/webauthn/commit/d0b1603b0eae2ff0168aac4127fa4611e6171942

  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2019-01-09 (Wed, 09 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Singularize Relying Parties' to Relying Party's (#1126)


  Commit: c3ac19bac411e7bf92d43250bf07084404c011bd
      https://github.com/w3c/webauthn/commit/c3ac19bac411e7bf92d43250bf07084404c011bd

  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2019-01-09 (Wed, 09 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1120 from nicksteele/patch-2

Fix typo in credential registration steps


  Commit: ad9bd4708bc64a05b2d34403061414a288f0c99c
      https://github.com/w3c/webauthn/commit/ad9bd4708bc64a05b2d34403061414a288f0c99c

  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2019-01-09 (Wed, 09 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1093 from herrjemand/patch-3

In safetynet attestation "nonce" is base64, not base64url


  Commit: dafc308339f5e3875134ecb5d8b3dd87a9b67b26
      https://github.com/w3c/webauthn/commit/dafc308339f5e3875134ecb5d8b3dd87a9b67b26

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-09 (Wed, 09 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Remove extraneous newline


  Commit: d5facf08f4696a6457a7a8ec2c8caf709a15207e
      https://github.com/w3c/webauthn/commit/d5facf08f4696a6457a7a8ec2c8caf709a15207e

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-11 (Fri, 11 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add definition alias "WebAuthn Authenticator"


  Commit: ca629756f3589c4bf17431156e13d5f362be9c21
      https://github.com/w3c/webauthn/commit/ca629756f3589c4bf17431156e13d5f362be9c21

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-11 (Fri, 11 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use WebAuthn Authenticator term where appropriate

- Existing occurrences of "WebAuthn authenticator"
- First occurrence of "authenticator" in each major section
  - except section 7 because the first occurrence is in one of the
    algorithm steps.
  - except section 8 because the first occurrence is in the second
    subsection.
  - except section 10 because the first occurrence is in the extension
    definitions.
  - except section 11 because the first occurrence is in an item in a
    bullet-point list.
  - except section 12 because the first occurrence is already linked to
    "first-factor roaming authenticator".
  - except section 14 because the first occurrence is in an item in a
    bullet-point list.


  Commit: a68031ae0bf89875788289bc2b537e29ede993e1
      https://github.com/w3c/webauthn/commit/a68031ae0bf89875788289bc2b537e29ede993e1

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-11 (Fri, 11 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add examples of authenticator types to Authenticator definition


  Commit: c610a95ac555ea86bb8eb52640b947bdc36e6c5d
      https://github.com/w3c/webauthn/commit/c610a95ac555ea86bb8eb52640b947bdc36e6c5d

  Author: Philippe Le Hegaret <plh@w3.org>
  Date:   2019-01-16 (Wed, 16 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use RFC2119 for defined extensions (#1134)


  Commit: d9de1254080f44244954f378828046108911afd1
      https://github.com/w3c/webauthn/commit/d9de1254080f44244954f378828046108911afd1

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-18 (Fri, 18 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Let requireUserPresence always be true in authenticator operations

This fixes an oversight in commit
7f831e3c7ebf669041c6413acc8005c3efa0eb8b which causes it to be
technically allowed for the authenticator to return (UV = 1, UP = 0),
though the RP operations as currently specified would not accept such a
response.


  Commit: e09147554d84e808996344879f8d52791827ceaf
      https://github.com/w3c/webauthn/commit/e09147554d84e808996344879f8d52791827ceaf

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-18 (Fri, 18 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix android-safetynet trust path


  Commit: 776b7b14d6e8f64b101db7e92318c877c588e861
      https://github.com/w3c/webauthn/commit/776b7b14d6e8f64b101db7e92318c877c588e861

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-18 (Fri, 18 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Determine appid extension output after authenticator returns

This fixes the following corner case:

1. The user has a U2F authenticator A plugged in, which has been
   registered via the U2F API (i.e., with AppID).
2. The user has a CTAP2 authenticator B plugged in, which has been
   registered via the WebAuthn API (i.e., with RP ID).
3. The user initiates an authentication ceremony and the RP sets the
   `appid` extension.
4. The client runs the above client processing and discovers that
   authenticator A does not contain a credential for the RP ID, and
   retries with the AppID. This succeeds, and the client sets the
   extension's _output_ to `true`.
5. The client initiates authentication requests with both authenticator
   A and B, which both prompt the user for consent.
6. The user confirms user consent on authenticator B, which generates an
   assertion for the RP ID.
7. The client returns the assertion for the RP ID and the `appid` client
   extension output set to `true`.

So it was possible for the extension output to end up being `true` even
though the RP should verify the assertion using the RP ID and not the
AppID.


  Commit: 1091652cbc24048c6bb2529aaa6f35d0596d627f
      https://github.com/w3c/webauthn/commit/1091652cbc24048c6bb2529aaa6f35d0596d627f

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-01-18 (Fri, 18 Jan 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add None attestation case to RP ops registration step 16


  Commit: 443a5567315c47eb65d830e3d00ae6fffe732a92
      https://github.com/w3c/webauthn/commit/443a5567315c47eb65d830e3d00ae6fffe732a92

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-06 (Wed, 06 Feb 2019)

  Changed paths:
    A CODE_OF_CONDUCT.md
    M images/webauthn-registration-flow-01.svg
    M index.bs
    M w3c.json

  Log Message:
  -----------
  Merge branch 'master' into pr-1082-user-handle-mapped


  Commit: 10e5b47e5fa84b57665708ca70f98c802abd3df7
      https://github.com/w3c/webauthn/commit/10e5b47e5fa84b57665708ca70f98c802abd3df7

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-06 (Wed, 06 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update wording as suggested by @selfissued

See https://github.com/w3c/webauthn/pull/1091#discussion_r254050190



  Commit: c5c29b0eaf3cf072fca263184ab4870c13ec1e00
      https://github.com/w3c/webauthn/commit/c5c29b0eaf3cf072fca263184ab4870c13ec1e00

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-02-08 (Fri, 08 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  update spec to Level 2 (#1156)

Ok, since we had agreement on this week's call on doing this, am merging. 
fixes #1138 #1155


  Commit: b4a6110c20e7e03b526ad798aa1c8b6adff4bb4d
      https://github.com/w3c/webauthn/commit/b4a6110c20e7e03b526ad798aa1c8b6adff4bb4d

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-08 (Fri, 08 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Recommend minimal basic attestation batches (#1141)


  Commit: 11d549048ac5e462a4f9f44499032302adb29800
      https://github.com/w3c/webauthn/commit/11d549048ac5e462a4f9f44499032302adb29800

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-02-12 (Tue, 12 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Provide transport information during registration. (#1050)

* Provide transport information during registration.

This change adds a `getTransports` method to
`AuthenticatorAttestationResponse` that returns the
`AuthenticatorTransport` used to perform a registration, as well as
other transports that the user agent believes that the authenticator
supports.

Fixes #889
Fixes #851
See also #882

* Update in light of PR discussion.

[ went ahead and merged due to no objections to doing so ]


  Commit: 1909b5f0d0c85b1266cc9f04e0c31094972c4f6e
      https://github.com/w3c/webauthn/commit/1909b5f0d0c85b1266cc9f04e0c31094972c4f6e

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1145 from w3c/issue-1136-none-attestation-policy

Add None attestation case to RP ops registration step 16


  Commit: 52d46854b4d02eddf8274ef5fdedecbe8994bf2b
      https://github.com/w3c/webauthn/commit/52d46854b4d02eddf8274ef5fdedecbe8994bf2b

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1091 from w3c/pr-1082-user-handle-mapped

Use "user handle mapped to user" language in user identification step


  Commit: 9e72ec30ca11f8b23e9f09c28daa635f4171b77b
      https://github.com/w3c/webauthn/commit/9e72ec30ca11f8b23e9f09c28daa635f4171b77b

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix incorrect description of AuthenticatorAttachment

Fixes #1153

See https://github.com/w3c/webauthn/issues/1153



  Commit: eae2c22f5bf8ba95e3c60de85bd954c5e13915ec
      https://github.com/w3c/webauthn/commit/eae2c22f5bf8ba95e3c60de85bd954c5e13915ec

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Move AuthenticatorAttachment description to before IDL definition

For consistency with other IDL definition sections.


  Commit: d16d62204030f6757f8680d8362dbb261d0ae4f8
      https://github.com/w3c/webauthn/commit/d16d62204030f6757f8680d8362dbb261d0ae4f8

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Remove outdated hypothetical text addition


  Commit: df3eb9fd540886b943c60496d2d593c8601a0d33
      https://github.com/w3c/webauthn/commit/df3eb9fd540886b943c60496d2d593c8601a0d33

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-19 (Tue, 19 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge branch 'master' into issue-1128-webauthn-authenticator


  Commit: b387399a38862919a7e3b2b3fb4c354785196e91
      https://github.com/w3c/webauthn/commit/b387399a38862919a7e3b2b3fb4c354785196e91

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1130 from w3c/issue-1128-webauthn-authenticator

Add "Webauthn Authenticator" definition alias


  Commit: 4c074692cdf1da862d494ca35c0c2b93dcad8258
      https://github.com/w3c/webauthn/commit/4c074692cdf1da862d494ca35c0c2b93dcad8258

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1142 from w3c/issue-1132-android-safetynet-trust-path

Fix android-safetynet trust path


  Commit: 63640b3957d23a080462a6df4b723711bda7cfc9
      https://github.com/w3c/webauthn/commit/63640b3957d23a080462a6df4b723711bda7cfc9

  Author: plehegar <plh@w3.org>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fixed various links, including new TR link


  Commit: b3ca189e18c43dd73f12057189041212a8bb1a40
      https://github.com/w3c/webauthn/commit/b3ca189e18c43dd73f12057189041212a8bb1a40

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-02-27 (Wed, 27 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use &mdash; instead of -


  Commit: 7bc2f0366c10e44d90390f2c8942738ff2759625
      https://github.com/w3c/webauthn/commit/7bc2f0366c10e44d90390f2c8942738ff2759625

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-02-27 (Wed, 27 Feb 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1131 from w3c/issue-1128-authenticator-examples

Add examples of authenticator types to Authenticator definition


  Commit: fca27b3cd5a1cbf610063193aa9e6abd7a6c5c8e
      https://github.com/w3c/webauthn/commit/fca27b3cd5a1cbf610063193aa9e6abd7a6c5c8e

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Clarify relationship to trust path in RP registration step 16


  Commit: b175880e638b2b8803c2371758c1b1f4f5463e1a
      https://github.com/w3c/webauthn/commit/b175880e638b2b8803c2371758c1b1f4f5463e1a

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Apply clarification to ECDAA as well


  Commit: 26cf7c62581ec913a06be4eb9ea94807a0468a32
      https://github.com/w3c/webauthn/commit/26cf7c62581ec913a06be4eb9ea94807a0468a32

  Author: J.C. Jones <james.jc.jones@gmail.com>
  Date:   2019-03-07 (Thu, 07 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1140 from w3c/issue-1123-uv-up

Let requireUserPresence always be true in authenticator operations


  Commit: 4de25bb480f30dbca8e83381637a5e04872484fd
      https://github.com/w3c/webauthn/commit/4de25bb480f30dbca8e83381637a5e04872484fd

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-03-07 (Thu, 07 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1143 from w3c/issue-1034-appid-output-corner-case

Determine appid extension output after authenticator returns


  Commit: 11126e87846c1677f6f5bf56f33086b875ea5e66
      https://github.com/w3c/webauthn/commit/11126e87846c1677f6f5bf56f33086b875ea5e66

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-03-07 (Thu, 07 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1118 from w3c/appid-note

Note that appid should be set to the previously used AppID


  Commit: 909b3c267babc181cdfc5d3aaf8b5033c5337703
      https://github.com/w3c/webauthn/commit/909b3c267babc181cdfc5d3aaf8b5033c5337703

  Author: Mike Jones <Michael.Jones@microsoft.com>
  Date:   2019-03-07 (Thu, 07 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Move Angelo Liao to the Former Editors list (#1172)


  Commit: 3fc3b1e8a71bf3a9962e7257ffcc0789dcfae023
      https://github.com/w3c/webauthn/commit/3fc3b1e8a71bf3a9962e7257ffcc0789dcfae023

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-03-11 (Mon, 11 Mar 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
   update registries draft per issue #1176 (#1177)


* this is rev -02 of this Internet-Draft:

* update JeffH's affiliation

* add registry initialization instructions, update WebAuthn spec citation

* fixing up various things, add doc history entry

* provide erefs to dfns for attstn stmt fmt and extns idents, thx Giri!


  Commit: 88695f49408f27b0da57fcdcafa737f6d53cf5f3
      https://github.com/w3c/webauthn/commit/88695f49408f27b0da57fcdcafa737f6d53cf5f3

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-12 (Tue, 12 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Allow authenticators to do None instead of Self attestation

See issue #978

https://github.com/w3c/webauthn/issues/978



  Commit: ce2b94710b78395a8d8ba55ae94d9904b1741067
      https://github.com/w3c/webauthn/commit/ce2b94710b78395a8d8ba55ae94d9904b1741067

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-03-12 (Tue, 12 Mar 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
  fixup registries internet-draft's abstract (#1181)

* update JeffH's affiliation

* add registry initialization instructions, update WebAuthn spec citation

* fixing up various things, add doc history entry

* provide erefs to dfns for attstn stmt fmt and extns idents, thx Giri!

* this is rev -02

* fix abstract

* fix various editorial items

* regen .html & .txt files from .xml


  Commit: f1b55b0a218d97ed015ceb7212a9b7ddacebfc05
      https://github.com/w3c/webauthn/commit/f1b55b0a218d97ed015ceb7212a9b7ddacebfc05

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update isUVPAA() scenario to agree with spec


  Commit: bd67d132b143bfed4e55bd32ed3435d36bc58402
      https://github.com/w3c/webauthn/commit/bd67d132b143bfed4e55bd32ed3435d36bc58402

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix grammar in section introduction


  Commit: 5fd36c6c8c180631c6b93192bd65190533aa61a5
      https://github.com/w3c/webauthn/commit/5fd36c6c8c180631c6b93192bd65190533aa61a5

  Author: Adam Langley <agl@chromium.org>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Change prohibitions on PII in user handles to MUST.

Fixes #1146


  Commit: 66515ffaf9d5d4cfcc2e882d1852434f4f333f8a
      https://github.com/w3c/webauthn/commit/66515ffaf9d5d4cfcc2e882d1852434f4f333f8a

  Author: Alexei Czeskis <alexei@czeskis.com>
  Date:   2019-03-20 (Wed, 20 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update SafetyNet attestation description (#1170)

* Update SafetyNet attestation description

Use official SafetyNet documentation as a reference rather than trying to keep this text up to date.
Also update links to documentation

* Clarify "ver" in safetynet

Explain what do to do with "ver" during verification

* Fix typo

* fix more typoos

* typo fix

* Updated wording around 'ver'


  Commit: 7c793d2e0355b245d184a0de172fda197e0292dd
      https://github.com/w3c/webauthn/commit/7c793d2e0355b245d184a0de172fda197e0292dd

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-03-20 (Wed, 20 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1185 from agl/issue1146

Change prohibitions on PII in user handles to MUST.


  Commit: 8678b43688f4f2fda83bb69586011a800160fadc
      https://github.com/w3c/webauthn/commit/8678b43688f4f2fda83bb69586011a800160fadc

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-03-20 (Wed, 20 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1168 from w3c/issue-1167-clarify-trust-path

Clarify relationship to trust path in RP registration step 16


  Commit: b8940315474bd52901df94a61532e5783128d977
      https://github.com/w3c/webauthn/commit/b8940315474bd52901df94a61532e5783128d977

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-21 (Thu, 21 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Revert change to new TR link

As suggested in
https://github.com/w3c/webauthn/pull/1161#issuecomment-474941638



  Commit: 5338dde6fade40ba89a759e10a7f0549c6d4263d
      https://github.com/w3c/webauthn/commit/5338dde6fade40ba89a759e10a7f0549c6d4263d

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-03-21 (Thu, 21 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Revert "Revert change to new TR link"

This reverts commit b8940315474bd52901df94a61532e5783128d977.


  Commit: 982edc7d668ed86979179dc4bcb2a0a3a1f6ef84
      https://github.com/w3c/webauthn/commit/982edc7d668ed86979179dc4bcb2a0a3a1f6ef84

  Author: Julian Tescher <jatescher@gmail.com>
  Date:   2019-03-24 (Sun, 24 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix typo in Authentication example


  Commit: 191e67897c8513c64dec3c96a74364c891ab1906
      https://github.com/w3c/webauthn/commit/191e67897c8513c64dec3c96a74364c891ab1906

  Author: James Barclay <futureimperfect@users.noreply.github.com>
  Date:   2019-03-25 (Mon, 25 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Linked attestation statement format term in Section 8.1 to its definition, and linked to section 8.1 from 6.4. Fixes #1179.


  Commit: a946a09e07b59daef158b0c171baef7ff3563796
      https://github.com/w3c/webauthn/commit/a946a09e07b59daef158b0c171baef7ff3563796

  Author: James Barclay <futureimperfect@users.noreply.github.com>
  Date:   2019-03-25 (Mon, 25 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Created linkable definition for WebAuthn Extensions and linked to it throughout the spec. Fixes #1180.


  Commit: 882985377ab4b3daf3d4960bab45a8cae624fd25
      https://github.com/w3c/webauthn/commit/882985377ab4b3daf3d4960bab45a8cae624fd25

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-03-28 (Thu, 28 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1159 from w3c/issue-1153-authenticatorattachment-description

Fix incorrect AuthenticatorAttachment description


  Commit: 871a1af48961938deeb3105a3af9ba300482579b
      https://github.com/w3c/webauthn/commit/871a1af48961938deeb3105a3af9ba300482579b

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-03-28 (Thu, 28 Mar 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1190 from jtescher/patch-1

Fix typo in Authentication example


  Commit: e02924d96d1579300df21027427e4335d8532adf
      https://github.com/w3c/webauthn/commit/e02924d96d1579300df21027427e4335d8532adf

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-03 (Wed, 03 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1186 from w3c/link-fixes-no-tr

Revert change to new TR link


  Commit: d76ddf59892c12087b18399b89bb95685671fd70
      https://github.com/w3c/webauthn/commit/d76ddf59892c12087b18399b89bb95685671fd70

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-03 (Wed, 03 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1182 from w3c/issue-978-self-attestation-not-required

Allow authenticators to do None instead of Self attestation


  Commit: 703f495f5ff8093ed4015d2fa9bce02fbd41abec
      https://github.com/w3c/webauthn/commit/703f495f5ff8093ed4015d2fa9bce02fbd41abec

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-04-03 (Wed, 03 Apr 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml
    M index.bs

  Log Message:
  -----------
  Merge branch 'master' into link-fixes


  Commit: bd638f382a85363f754be7e33892ccf6de121d21
      https://github.com/w3c/webauthn/commit/bd638f382a85363f754be7e33892ccf6de121d21

  Author: James Barclay <futureimperfect@users.noreply.github.com>
  Date:   2019-04-06 (Sat, 06 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Addressed @emlun's comments about additional occurrences of WebAuthn extensions.


  Commit: c3e38641d39113eec8d75a16fb55bba08f41560a
      https://github.com/w3c/webauthn/commit/c3e38641d39113eec8d75a16fb55bba08f41560a

  Author: James Barclay <futureimperfect@users.noreply.github.com>
  Date:   2019-04-06 (Sat, 06 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Addressed @equalsJeffH's comment about linking to the packed attestation statement format, rather than the definition of attestation statement formats.


  Commit: 49fe1bb791362c271b95573924aad75b69797a73
      https://github.com/w3c/webauthn/commit/49fe1bb791362c271b95573924aad75b69797a73

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-10 (Wed, 10 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1161 from w3c/link-fixes

Fixed various links, including new TR link


  Commit: 2a254776ccaca7195fb97160e39d019d54dbc694
      https://github.com/w3c/webauthn/commit/2a254776ccaca7195fb97160e39d019d54dbc694

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-04-17 (Wed, 17 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Address review comments by @selfissued


  Commit: 07b58d51007d33dca4e620b2c3d1a2e6346d0775
      https://github.com/w3c/webauthn/commit/07b58d51007d33dca4e620b2c3d1a2e6346d0775

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-04-17 (Wed, 17 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Point out that isUVPAA example ends if isUVPAA returns false


  Commit: 2a68f5484246ddd44bb98c9a25568fb902e2159b
      https://github.com/w3c/webauthn/commit/2a68f5484246ddd44bb98c9a25568fb902e2159b

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-17 (Wed, 17 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1184 from w3c/issue-1178-update-uvpaa-scenario

 Update isUVPAA() scenario to agree with spec


  Commit: 0cd0ca30c16d8408d3d3d47d132f29950a22a2ac
      https://github.com/w3c/webauthn/commit/0cd0ca30c16d8408d3d3d47d132f29950a22a2ac

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-17 (Wed, 17 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1192 from futureimperfect/link-attestation-statment-format

Linked attestation statement format term in Section 8.1 to its defini…


  Commit: 5d11e6255b85665d9faa8763e1de8c0fbac78826
      https://github.com/w3c/webauthn/commit/5d11e6255b85665d9faa8763e1de8c0fbac78826

  Author: Emil Lundberg <emil@emlun.se>
  Date:   2019-04-17 (Wed, 17 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1193 from futureimperfect/create-linkable-def-for-webauthn-exts

Created linkable definition for WebAuthn Extensions and linked to it …


  Commit: d58c4ea368c4d6d56db9644bb3a3a7be94086a6a
      https://github.com/w3c/webauthn/commit/d58c4ea368c4d6d56db9644bb3a3a7be94086a6a

  Author: JeffH <jdhodges@google.com>
  Date:   2019-04-18 (Thu, 18 Apr 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml
    M images/webauthn-registration-flow-01.svg
    M index.bs
    M w3c.json

  Log Message:
  -----------
  Merge branch 'master' into issue-1088-leap-of-faith


  Commit: 12cd06a44449bb0375d2a6779830aaaacb6d35dc
      https://github.com/w3c/webauthn/commit/12cd06a44449bb0375d2a6779830aaaacb6d35dc

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-04-23 (Tue, 23 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Accept suggestions from @equalsJeffH


  Commit: a70254ea523f33df3d3e52941016f89370dbe754
      https://github.com/w3c/webauthn/commit/a70254ea523f33df3d3e52941016f89370dbe754

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-04-23 (Tue, 23 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add some embellishments to @equalsJeffH's suggestions


  Commit: 6f8a921f381806c5dbc709b3d553e5d2849b27dc
      https://github.com/w3c/webauthn/commit/6f8a921f381806c5dbc709b3d553e5d2849b27dc

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-04-26 (Fri, 26 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add considerations for string truncation.

Fixes #973.


  Commit: 2af6b4fa4544ab247bd4bf495945b1f9db8937fc
      https://github.com/w3c/webauthn/commit/2af6b4fa4544ab247bd4bf495945b1f9db8937fc

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-04-30 (Tue, 30 Apr 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Response to Emil's comments


  Commit: 447ef73752b207b9bee213fa019325f866d675c4
      https://github.com/w3c/webauthn/commit/447ef73752b207b9bee213fa019325f866d675c4

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-02 (Thu, 02 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Address @equalsJeffH's review comment


  Commit: a82ea4ca2f20a587562afbff3432a40c6b75e7ba
      https://github.com/w3c/webauthn/commit/a82ea4ca2f20a587562afbff3432a40c6b75e7ba

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-02 (Thu, 02 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Address @equalsJeffH's review comment


  Commit: cf1022f12852750d2452bad300646b4d76332e2d
      https://github.com/w3c/webauthn/commit/cf1022f12852750d2452bad300646b4d76332e2d

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-02 (Thu, 02 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1095 from w3c/issue-1088-leap-of-faith

Rewrite security consideration on attestation and MitM attacks


  Commit: d25dcb453b3d9981f06ec9a7f0fbf8565da87b09
      https://github.com/w3c/webauthn/commit/d25dcb453b3d9981f06ec9a7f0fbf8565da87b09

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-05-02 (Thu, 02 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Addressing some of aphillips's comments


  Commit: 9315c0aa2f66a5a72e25c81546f4e9e4d60a437f
      https://github.com/w3c/webauthn/commit/9315c0aa2f66a5a72e25c81546f4e9e4d60a437f

  Author: Shane Weeden <sbweeden@users.noreply.github.com>
  Date:   2019-05-08 (Wed, 08 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Initial proposal for modifications to resident key credential requirements (#1191)

* Initial proposal for modifications to resident key credential requirements to address
https://github.com/w3c/webauthn/issues/991


* No-op change to force re-check of ipr.

* Change back to IBM

* Resolve first round of feedback from @emlun

* Fix editorial issue reported by @emlun

* Add definition of non-resident credential and reference it in new ResidentKeyRequirement enum definitions.

* Rewrite resident key option handling as switch statements

* Incoporated meta-PR from @emlun and addressed current round of comments.

* Based on comments from WG call on 2019-04-03 (captured in https://github.com/w3c/webauthn/issues/991) I have changed the set of permitted ResidentKeyRequirement values back to one of discouraged, preferred, required.

* Updates based on review feedback and discussion of WG call on 2019-04-17.

* Address all review comments from week of April 17-24, 2019.

* Address feedback from @agl

* Minor update to credProps extension description per @emlun

* Addressed comments from @equalsJeffH

* Address a bunch of comments from @equalsJeffH that I missed in the conversation.

* Additional review fix from @equalsJeffH

* Fix minor typo spotted by @equalsJeffH

* build on credProps dfn to formalize authnr/client processing

* Minor edits to fix compile issue and grammar in the CredProps extension

* Per WebAuthn call on May 1, 2019, remove authenticator extension component of the new credProps exception.

* Address editorial comments from @emlun and @equalsJeffH

* Minor editorials from @emlun


  Commit: 1b13d2e6127e65b178e718a0afc67d2515c08d8a
      https://github.com/w3c/webauthn/commit/1b13d2e6127e65b178e718a0afc67d2515c08d8a

  Author: Nick Steele <nick@nicksteele.net>
  Date:   2019-05-08 (Wed, 08 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update Authenticator Definition (#1195)

* Simplify WebAuthn Authenticator Definition

* Update with Emil's edits

* add Akshay edits

* remove 'for example' text

* Edit for Jeff's comments 

s/ownership/possession/

* Add Jeff's comments


  Commit: 50bdd604d3977046ae6be48ef8804bcd488bc0e7
      https://github.com/w3c/webauthn/commit/50bdd604d3977046ae6be48ef8804bcd488bc0e7

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-08 (Wed, 08 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Rearrange terminology to be ordered by the first of the term aliases

Fixes #1194

See https://github.com/w3c/webauthn/issues/1194



  Commit: 8d2b789cbdbd33d948e4dacd4e2ea8226a6bd61e
      https://github.com/w3c/webauthn/commit/8d2b789cbdbd33d948e4dacd4e2ea8226a6bd61e

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix typo in PR #1195


  Commit: 12763df35f0139dbde6ccdb99e812a3c7671db60
      https://github.com/w3c/webauthn/commit/12763df35f0139dbde6ccdb99e812a3c7671db60

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Addressing Jeff's comments


  Commit: 559743229a0a6a63d445c04b92db4b1ab688b8b6
      https://github.com/w3c/webauthn/commit/559743229a0a6a63d445c04b92db4b1ab688b8b6

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-10 (Fri, 10 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1209 from w3c/issue-1194-rearrange-terminology

Rearrange terminology to be ordered by the first of the term aliases


  Commit: 81c0dfd4200ca094c0fdf78e7c2d52353a3dccdf
      https://github.com/w3c/webauthn/commit/81c0dfd4200ca094c0fdf78e7c2d52353a3dccdf

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-10 (Fri, 10 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Polish client device definition as suggested by @equalsJeffH

See issue #1216:
https://github.com/w3c/webauthn/issues/1216


See review comment:
https://github.com/w3c/webauthn/pull/1209#discussion_r282260388



  Commit: f041335347cc79b84b3d7da69fa91a3c7e7695ec
      https://github.com/w3c/webauthn/commit/f041335347cc79b84b3d7da69fa91a3c7e7695ec

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-05-10 (Fri, 10 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Remove explicit, and superfluous, prohibition on unpaired surrogates in UTF-8 data


  Commit: ef80a25d0dd85619b5d447982bcad1192d1fb23e
      https://github.com/w3c/webauthn/commit/ef80a25d0dd85619b5d447982bcad1192d1fb23e

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-13 (Mon, 13 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1213 from w3c/pr-1195-fix-typo

Fix typo in PR #1195


  Commit: 6fb9fd340c761f758bc24fed3ef4827484be9a4c
      https://github.com/w3c/webauthn/commit/6fb9fd340c761f758bc24fed3ef4827484be9a4c

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1217 from w3c/issue-1216-polish-client-device

Polish client device definition as suggested by @equalsJeffH


  Commit: 5326083231c6d1a151d6e90e2e985475eabd898d
      https://github.com/w3c/webauthn/commit/5326083231c6d1a151d6e90e2e985475eabd898d

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  fix #1166: clarify extension input/output data type names (#1210)


  Commit: 2a7528a216f74bd9380f9497e2216522e93b8987
      https://github.com/w3c/webauthn/commit/2a7528a216f74bd9380f9497e2216522e93b8987

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use consistent section id prefixes (#1212)

* Use section prefix sctn- consistently

* Use section ID prefix dictionary- for dictionary <dfn> sections

* Use section ID prefix enum- for enum <dfn> sections


  Commit: a6910a166fd9bee94d80218ab7e7c7786e53811c
      https://github.com/w3c/webauthn/commit/a6910a166fd9bee94d80218ab7e7c7786e53811c

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  feature policy integration (#1214)

this improves #911 -- we'll look in to adding indication of framedness in WD-02

* feature-policy initial inclusion

* add 'allowed to use' to create/get algs

* grovel around fixing cross-ref linkage breakages

* polish linkages

* remove 'allowed to use', it belongs in credman

* polish Feature Policy integration

* oops, promises must return errors, not throw them

* add Note to isUVPAA() wrt rejecting if not 'allowed to use'


  Commit: c9b1d4efd0be1e9d8da0388948d386eab9da673d
      https://github.com/w3c/webauthn/commit/c9b1d4efd0be1e9d8da0388948d386eab9da673d

  Author: Adam Langley <agl@google.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1205 from agl/stringtruncation

Add considerations for string truncation.


  Commit: db94f4a72567ede161a26482c8ba3292e737b70d
      https://github.com/w3c/webauthn/commit/db94f4a72567ede161a26482c8ba3292e737b70d

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-05-15 (Wed, 15 May 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1187 from w3c/link-fixes-tr-level2

Revert "Revert change to new TR link"


  Commit: 014bc63556ff07ab552262542066a04f7f00b7f1
      https://github.com/w3c/webauthn/commit/014bc63556ff07ab552262542066a04f7f00b7f1

  Author: rlin1 <rolf@noknok.com>
  Date:   2019-06-05 (Wed, 05 Jun 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml
    M images/webauthn-registration-flow-01.svg
    M index.bs

  Log Message:
  -----------
  Merge branch 'master' into pass-through-other-assertion-formats


Compare: https://github.com/w3c/webauthn/compare/af08ce9a40cd...014bc63556ff
Received on Wednesday, 5 June 2019 11:19:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:05 UTC