public-webauthn@w3.org from June 2019 by subject

06/05/2019 W3C Web Authentication WG Meeting Agenda

06/12/2019 W3C Web Authentication WG Meeting Agenda

06/19/2019 W3C Web Authentication WG Meeting Agenda

06/26/2019 W3C Web Authentication WG Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 045600: TR29 -> UTR29

[w3c/webauthn] 0c2609: Built by Travis-CI: 78ed130d0dffc0717aa415dff84ea4...

[w3c/webauthn] 0ef7c3: delete obsolete HTML53 anchor block

[w3c/webauthn] 126223: bikeshed cleanup: refs (#1241)

[w3c/webauthn] 152580: Address review comments by @equalsJeffH

[w3c/webauthn] 168db8: fixup syntax of various links and add proper UTR29...

[w3c/webauthn] 175d9f: Clarify user identification in RP assertion verifi...

[w3c/webauthn] 186cb5: export data-lt='webauthn-feature'

[w3c/webauthn] 1a48f8: Add RP ops step of verifying credential key algorithm

[w3c/webauthn] 1d414c: Scope down the set of supported capabilities to on...

[w3c/webauthn] 22ddb7: Built by Travis-CI: 9fd1f030aef1d56da53bd3dbcb960d...

[w3c/webauthn] 268fff: Correctly refer to the FIDO U2F JavaScript API and...

[w3c/webauthn] 2b5027: Built by Travis-CI: bf594e144dcbd53dfa7cfba9326e8f...

[w3c/webauthn] 2b6d1e: Built by Travis-CI: 4cc6257d66aba1ee1d4d78c6ad4727...

[w3c/webauthn] 2bc786: fix-1101-move-scenarios-section

[w3c/webauthn] 2e6a23: Built by Travis-CI: ee7b6e4a0a9ddf78df64c2180c0655...

[w3c/webauthn] 3981b6: added reference to UAF

[w3c/webauthn] 3996ab: Update User Verification to @equalsJeffH's proposal

[w3c/webauthn] 3e653f: merge from master and fix conflicts

[w3c/webauthn] 414e26: Add note about appid extension to RP assertion ver...

[w3c/webauthn] 48dc5f: Built by Travis-CI: d064d92d02dfbf9bdd33597aae2645...

[w3c/webauthn] 49578a: fix 'browsing context' and 'feature policy' dfn links

[w3c/webauthn] 4eb141: Add Rec to previous version

[w3c/webauthn] 5134fa: Add alt text

[w3c/webauthn] 6052a8: Built by Travis-CI: 00127b7f148b104b54328d7d301469...

[w3c/webauthn] 6db32a: Built by Travis-CI: d064d92d02dfbf9bdd33597aae2645...

[w3c/webauthn] 70e2a7: Built by Travis-CI: db05b82f794944f409117d817c038a...

[w3c/webauthn] 78ed13: move the scenarios section up with the use cases s...

[w3c/webauthn] 7c43fe: Built by Travis-CI: a1f635032b104f4cc8f05ef8f16544...

[w3c/webauthn] 8018d7: Built by Travis-CI: f404f3a377373ad8ee8da1755b5fc0...

[w3c/webauthn] 829866: Use [=authorization gesture=] term in authenticato...

[w3c/webauthn] 8a4e92: Draft improved guidance for using appid extension

[w3c/webauthn] 8f4b77: Built by Travis-CI: 96d7758f086f7b8e9b0aecde8e6f44...

[w3c/webauthn] 97a978: fix incorrect dfn links, thx emlun!

[w3c/webauthn] a1f635: coalesce HTML refs (#1243)

[w3c/webauthn] a36fb0: Built by Travis-CI: 126223e34a0f35d4db42c31a4d0de4...

[w3c/webauthn] a978c7: mark various citation occurances as normative

[w3c/webauthn] aa4e2a: Built by Travis-CI: 78ed130d0dffc0717aa415dff84ea4...

[w3c/webauthn] af676c: Remove unused <dfn>s from Table 2 in Authenticator...

[w3c/webauthn] b69617: Built by Travis-CI: ee7b6e4a0a9ddf78df64c2180c0655...

[w3c/webauthn] b9680d: Built by Travis-CI: a1f635032b104f4cc8f05ef8f16544...

[w3c/webauthn] bbc9d9: Revert "Concretize "security boundary defining the...

[w3c/webauthn] c2b39d: Clarify that a single user might be several persons

[w3c/webauthn] ce353c: remove all trailing whitespace

[w3c/webauthn] cf0a69: Built by Travis-CI: 9fd1f030aef1d56da53bd3dbcb960d...

[w3c/webauthn] d3971b: Built by Travis-CI: 268fff60da835ae54003bd9962f969...

[w3c/webauthn] d4cded: Built by Travis-CI: 268fff60da835ae54003bd9962f969...

[w3c/webauthn] db05b8: Re-merge PR #1165 (#1234)

[w3c/webauthn] dcc510: Apply edits suggested in PR #1242 review

[w3c/webauthn] e23795: Built by Travis-CI: 00127b7f148b104b54328d7d301469...

[w3c/webauthn] e68e2d: Built by Travis-CI: bf594e144dcbd53dfa7cfba9326e8f...

[w3c/webauthn] e6cb7b: Elaborate that a [=credential private key=] should...

[w3c/webauthn] e7d44d: Mkae client data hash step the same between RP ops

[w3c/webauthn] f1eb40: Built by Travis-CI: 96d7758f086f7b8e9b0aecde8e6f44...

[w3c/webauthn] f28cf3: Built by Travis-CI: f404f3a377373ad8ee8da1755b5fc0...

[w3c/webauthn] f4c34d: Built by Travis-CI: 126223e34a0f35d4db42c31a4d0de4...

[w3c/webauthn] fb0e20: Add rewordings proposed by @equalsJeffH

[w3c/webauthn] fb9337: Fix sentence-initial-word case

[w3c/webauthn] fe1524: fix #996 coalesce HTML refs

[webauthn] Add example of different RP ID and AppID (#1165)

[webauthn] Add explicit description on what should be done in incognito/private browsing mode (#1174)

[webauthn] Add guidance on using U2F key handles with appid extension (#1230)

[webauthn] Add notion of forbidding resident credential creation (#1149)

[webauthn] Add Rec to previous version (#1227)

[webauthn] Add “appidExclude” extension. (#1244)

[webauthn] Authenticators that do not recognize any handles shouldn't just be dropped on the floor (#863)

[webauthn] bikeshed cleanup: refs (#1241)

[webauthn] Browser capability detection. (#1219)

[webauthn] Can't exclude U2F credentals (#1235)

[webauthn] Clarify that a single user might be several persons (#1238)

[webauthn] Clean up Bikeshed warnings (#1225)

[webauthn] Closed Pull Request: Add Rec to previous version

[webauthn] Closed Pull Request: enhance/polish Appidexclude extension definition

[webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices (#969)

[webauthn] correctly refer to FIDO JavaScript APIs spec (#1233)

[webauthn] Correctly refer to the FIDO U2F JavaScript API and informatively refe… (#1239)

[webauthn] Create a WebDriver Virtual Authenticator extension to allow automated testing (#1236)

[webauthn] Divide Security/Privacy Considerations into subsections by audience? (#1039)

[webauthn] Document that U2F key handle = credential ID (#1229)

[webauthn] Editorial improvements to use cases section (#1247)

[webauthn] Enforce specific user verification methods (#1211)

[webauthn] enrichen registration and authentication ceremonies definitions (#1099)

[webauthn] export definitions? (#1049)

[webauthn] Extensible data structure for Authenticator Data (#1220)

[webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954)

[webauthn] How to get supported client extension (#1199)

[webauthn] Merged Pull Request: Add alt text

[webauthn] Merged Pull Request: Add guidance on using U2F key handles with appid extension

[webauthn] Merged Pull Request: Add RP ops step of verifying credential key algorithm

[webauthn] Merged Pull Request: bikeshed cleanup: refs

[webauthn] Merged Pull Request: bikeshed cleanup: remove all trailing whitespace

[webauthn] Merged Pull Request: Clarify that a single user might be several persons

[webauthn] Merged Pull Request: Clean up Bikeshed warnings

[webauthn] Merged Pull Request: Clean up RP operations

[webauthn] Merged Pull Request: coalesce HTML refs

[webauthn] Merged Pull Request: Correctly refer to the FIDO U2F JavaScript API and informatively refe…

[webauthn] Merged Pull Request: move the scenarios section up with the use cases section

[webauthn] Merged Pull Request: Polish definitions of credential key pair, private/public key

[webauthn] Merged Pull Request: Re-merge PR #1165

[webauthn] Merged Pull Request: Use "authorization gesture" term in authenticator operations

[webauthn] move sample scenarios section up to be after use cases section (#1101)

[webauthn] move the scenarios section up with the use cases section (#1242)

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by jafisher-microsoft

[webauthn] new commits pushed by rlin1

[webauthn] new commits pushed by WebAuthnBot

[webauthn] new commits pushed by wseltzer

[webauthn] Pass through other assertion formats (#1232)

[webauthn] Polish definitions of credential key pair, private/public key (#1226)

[webauthn] Poor documentation of how authnr aspects (platform, UV, RK) interact (#1231)

[webauthn] Privacy risk from revealing allowed credentials (#1246)

[webauthn] Provide API for indicating whether the platform has attached(bound) authenticator or not (#1218)

[webauthn] Pull Request: Add alt text

[webauthn] Pull Request: Add guidance on using U2F key handles with appid extension

[webauthn] Pull Request: Add Rec to previous version

[webauthn] Pull Request: Add “appidExclude” extension.

[webauthn] Pull Request: Apply edits suggested in PR #1242 review

[webauthn] Pull Request: bikeshed cleanup: refs

[webauthn] Pull Request: bikeshed-cleanup2: remove all trailing whitespace

[webauthn] Pull Request: Clarify that a single user might be several persons

[webauthn] Pull Request: coalesce HTML refs

[webauthn] Pull Request: Correctly refer to the FIDO U2F JavaScript API and informatively refe…

[webauthn] Pull Request: enhance/polish Appidexclude extension definition

[webauthn] Pull Request: fix-1101-move-scenarios-section

[webauthn] Pull Request: Pass through other assertion formats

[webauthn] Pull Request: Re-merge PR #1165

[webauthn] Pull Request: Use "authorization gesture" term in authenticator operations

[webauthn] Q: Regarding Security Concerns Surrounding WebAuthn: Don't Implement ECDAA (Yet) (#1196)

[webauthn] Re-focus resident key descriptions on allowCredentials aspect (#1197)

[webauthn] TPM section is missing TPMT_PUBLIC validation steps (#929)

[webauthn] Unspecified CBOR encoding of high-valued integer numbers due to unspecified threshold (#1044)

[webauthn] Update name, displayname and icon for RP and user (#1200)

[webauthn] WebAuthn available to Workers? aka "silent authentication" (#199)

[webauthn] Where is the code implementation for roaming authenticators? (#1221)

Call for Exclusions: Web Authentication:An API for accessing Public Key Credentials Level 2

Cleaned up stale branches

Closed: [webauthn] Clean up Bikeshed warnings (#1224)

Closed: [webauthn] cleanup: mark & structure biblio references consistently (#872)

Closed: [webauthn] coalesce HTML references? (#996)

Closed: [webauthn] correctly refer to FIDO JavaScript APIs spec (#1233)

Closed: [webauthn] Document that U2F key handle = credential ID (#1229)

Closed: [webauthn] double check language regarding requiring authorization gesture (#1215)

Closed: [webauthn] Enforce specific user verification methods (#1211)

Closed: [webauthn] Extensible data structure for Authenticator Data (#1220)

Closed: [webauthn] Missing steps of checking pubKeyCredParams during registration step at RP server (#1061)

Closed: [webauthn] move sample scenarios section up to be after use cases section (#1101)

Closed: [webauthn] Q: Regarding Security Concerns Surrounding WebAuthn: Don't Implement ECDAA (Yet) (#1196)

Closed: [webauthn] Refine User Verification description (#1162)

Closed: [webauthn] spec is missing baseline posture that credential source is bound to a particular authenticator (#1122)

Closed: [webauthn] Where is the code implementation for roaming authenticators? (#1221)

FYI: thread on migrating to WebAuthn from U2F

Horizontal Review Update: APA's Updated CAPTCHA Note Draft

PSA: Summary of new features in WebAuthn L2 FPWD relative to the WebAuthn Level 1 Recommendation

WebAuthn Level 2 WD01 published

Last message date: Friday, 28 June 2019 15:44:55 UTC