W3C home > Mailing lists > Public > public-webauthn@w3.org > November 2019

[w3c/webauthn] 6f0e83: begin addressing AD comments

From: Emil Lundberg <noreply@github.com>
Date: Wed, 06 Nov 2019 11:24:21 -0800
To: public-webauthn@w3.org
Message-ID: <w3c/webauthn/push/refs/heads/emlun-reconstructed-master/000000-b0a534@github.com>
  Branch: refs/heads/emlun-reconstructed-master
  Home:   https://github.com/w3c/webauthn
  Commit: 6f0e83b2413c5e9a29fbedd04b70e91bb8f0ff66
      https://github.com/w3c/webauthn/commit/6f0e83b2413c5e9a29fbedd04b70e91bb8f0ff66

  Author: JeffH <jdhodges@google.com>
  Date:   2019-10-17 (Thu, 17 Oct 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
  begin addressing AD comments


  Commit: dd91217bc99a3ed0426946e507ecebf9266b1f85
      https://github.com/w3c/webauthn/commit/dd91217bc99a3ed0426946e507ecebf9266b1f85

  Author: JeffH <jdhodges@google.com>
  Date:   2019-10-17 (Thu, 17 Oct 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt

  Log Message:
  -----------
  update rendered .txt & .html to match .xml: these all are -03a (further commits to follow)


  Commit: cc9540449205cd73751b62a1f5222e3971293949
      https://github.com/w3c/webauthn/commit/cc9540449205cd73751b62a1f5222e3971293949

  Author: JeffH <jdhodges@google.com>
  Date:   2019-10-17 (Thu, 17 Oct 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
  editorial: fixup line-ending char, indentation, some section anchors


  Commit: 864521a9d164b0569d49653d2603a93c362c87bf
      https://github.com/w3c/webauthn/commit/864521a9d164b0569d49653d2603a93c362c87bf

  Author: JeffH <jdhodges@google.com>
  Date:   2019-10-17 (Thu, 17 Oct 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
  Align with RFC8288, rather than draft-nottingham-rfc5988bis. -03 release candidate


  Commit: 947e816bd4ebbfc04ff78e080aacc5f14568ec1a
      https://github.com/w3c/webauthn/commit/947e816bd4ebbfc04ff78e080aacc5f14568ec1a

  Author: JeffH <jdhodges@google.com>
  Date:   2019-10-18 (Fri, 18 Oct 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt

  Log Message:
  -----------
  update .txt .html to be actual rendered versions of .xml


  Commit: 22eeabb2e248a4c612d77bef4a029011c4d540b0
      https://github.com/w3c/webauthn/commit/22eeabb2e248a4c612d77bef4a029011c4d540b0

  Author: JeffH <jdhodges@google.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.xml
    M index.bs

  Log Message:
  -----------
  fixup per MBJ's comments


  Commit: c91847940acca38a750c1c695d9ec1d7c32e4d44
      https://github.com/w3c/webauthn/commit/c91847940acca38a750c1c695d9ec1d7c32e4d44

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M draft-hodges-webauthn-registries.html
    M draft-hodges-webauthn-registries.txt
    M draft-hodges-webauthn-registries.xml

  Log Message:
  -----------
  Align with RFC8288, update .txt & .html to be actual rendered versions of .xml (#1329)

* begin addressing AD comments

* update rendered .txt & .html to match .xml: these all are -03a (further commits to follow)

* editorial: fixup line-ending char, indentation, some section anchors

* Align with RFC8288, rather than draft-nottingham-rfc5988bis. -03 release candidate

* update .txt .html to be actual rendered versions of .xml

* fix error in .xml, update .html & .txt to match .xml


  Commit: d89514457fbad3822d413284b36ba413814697b9
      https://github.com/w3c/webauthn/commit/d89514457fbad3822d413284b36ba413814697b9

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  feature policy integ: add link to (#1328)


  Commit: 711738f300c32a4134a35e24d04e7cdee4f693cc
      https://github.com/w3c/webauthn/commit/711738f300c32a4134a35e24d04e7cdee4f693cc

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1320 from w3c/issue-1206-cddl-ref

Update CDDL reference


  Commit: a472f227057c27eebb961e0c23e5197b2c96de94
      https://github.com/w3c/webauthn/commit/a472f227057c27eebb961e0c23e5197b2c96de94

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1321 from w3c/issue-1100-spec-roadmap

Enhance spec roadmap section


  Commit: 1b58747972e9467c77e597d4ee2565f8054eda19
      https://github.com/w3c/webauthn/commit/1b58747972e9467c77e597d4ee2565f8054eda19

  Author: J.C. Jones <jc@mozilla.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1313 from w3c/issue-1305-uv-same-user

Clarify assumptions about single-user authenticator and relation to UV


  Commit: e3116143b020b0c9dd5eec73b1f1eeee93564b90
      https://github.com/w3c/webauthn/commit/e3116143b020b0c9dd5eec73b1f1eeee93564b90

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1325 from w3c/issue-1260-batch-attestation

Add batch attestation as alias of basic attestation


  Commit: e4e50c3b3a23100fcdb628cc547c5ee25885afe6
      https://github.com/w3c/webauthn/commit/e4e50c3b3a23100fcdb628cc547c5ee25885afe6

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1326 from w3c/issue-1133-makecred-authorize-collision-disclosure

Add explanatory note to step 3 in authenticatorMakeCredential


  Commit: eb66532d3b0426530ac5a721f75a03c141402f0f
      https://github.com/w3c/webauthn/commit/eb66532d3b0426530ac5a721f75a03c141402f0f

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1327 from w3c/issue-1201-tls

Explicitly mention running over TLS in WebAuthn API intro


  Commit: 33d8c0b62d0146312902ec88fa33127f707b79a5
      https://github.com/w3c/webauthn/commit/33d8c0b62d0146312902ec88fa33127f707b79a5

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update timeout examples to better agree with guidelines


  Commit: f61ebe262eec662c41193410e814100e77cc9e35
      https://github.com/w3c/webauthn/commit/f61ebe262eec662c41193410e814100e77cc9e35

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix off-by-factor-10 timeout example


  Commit: 3c568a473dc8cac3f167474c7e8455cab0d45a63
      https://github.com/w3c/webauthn/commit/3c568a473dc8cac3f167474c7e8455cab0d45a63

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Add explicit UV argument to registration example


  Commit: dfd4119da2b56b94eb105aa5da7f3a0febc65633
      https://github.com/w3c/webauthn/commit/dfd4119da2b56b94eb105aa5da7f3a0febc65633

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1319 from w3c/issue-1317-timeout-examples

Update timeout examples to better agree with guidelines


  Commit: 4f140696f8fe8cdf4fcce1152a8a8c7c2d703a75
      https://github.com/w3c/webauthn/commit/4f140696f8fe8cdf4fcce1152a8a8c7c2d703a75

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    A images/string-truncation.svg
    M index.bs

  Log Message:
  -----------
  Truncate strings for authenticators where needed. (#1316)

* Truncate strings for authenticators where needed.

There exist a significant number of authenticators that do not conform
to the current WebAuthn requirements in that they fail requests with
name/displayName strings longer than 64 bytes, rather than truncating
them.

This change adds a new requirement on user-agents that they maintain the
authenticator model for RPs by doing the truncation on their behalf in
this case. The alternative is that each RP will hit this edge-case and
do the truncation itself, thus the ecosystem will never be able to
support longer strings.

Since user-agents may now be doing truncation, this change also permits
truncation at the level of grapheme clusters (since user-agents
presumably have Unicode tables available).

Fixes #1296.

* Address Jeff and Emil's comments.


  Commit: 41b8c4581e836babc8e094359db6c16eaf29dd51
      https://github.com/w3c/webauthn/commit/41b8c4581e836babc8e094359db6c16eaf29dd51

  Author: Adam Langley <agl@imperialviolet.org>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Create a way to reference the following figure (#1323)


* Address Jeff and Emil's comments.

* Create a way to reference the following figure.

The fact that we have to keep the figure numbers in sync manually
annoyed me. Bikeshed isn't helping out here so I don't see a way to
avoid this for long-range links, but this change eliminates the need to
manually maintain some of the absolute numbers by providing a way to
insert the number of the following figure when the reference and figure
are close by.


  Commit: 7448d58b52e1da016cc710ac233a684939841e8d
      https://github.com/w3c/webauthn/commit/7448d58b52e1da016cc710ac233a684939841e8d

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Use CSS numbering for table references too (#1324)

* Generate "Figure" text in .figure-num-following

* Rename .figure-num-* to .figure-ref-*

Since the CSS rule now also generates the "Figure" text, not just the
number.

* Use CSS counter for table number references too

* Revert "Rename .figure-num-* to .figure-ref-*"

This reverts commit ffde79d01a1353fd1e70742658038b0ba7695db9.

* Revert "Generate "Figure" text in .figure-num-following"

This reverts commit e4f3f0c4a317d7c7f4ca47aeb8496dbe94bc3175.

* Move "Table " text out from CSS rules

When generated by the CSS rules, the "Table" text is not searchable by
the "find in page" tool in browsers.

* Unbreak <figcaption>s for tables


  Commit: 21adeca38186d4f41e5fd6836073a8f27931ecf9
      https://github.com/w3c/webauthn/commit/21adeca38186d4f41e5fd6836073a8f27931ecf9

  Author: Shane Weeden <sweeden@au1.ibm.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Update note in RP definition to indicate that non-WebAuthn FIDO clients MAY use origin values that are different than those specified for WebAuthn.


  Commit: 8fae55c446966facaca8e54b62fcc0f13c9ee546
      https://github.com/w3c/webauthn/commit/8fae55c446966facaca8e54b62fcc0f13c9ee546

  Author: Shane Weeden <sweeden@au1.ibm.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Minor updates based on reviewer feedback.


  Commit: 67d652e43ee0eb222a3af118abdebc1136024f17
      https://github.com/w3c/webauthn/commit/67d652e43ee0eb222a3af118abdebc1136024f17

  Author: Shane Weeden <sbweeden@users.noreply.github.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1332 from w3c/sbweeden_issue_1297

Update note in RP definition to indicate that non-WebAuthn FIDO clien…


  Commit: 0cf7f1368b920f2253318d42bd56cd35ff195d3b
      https://github.com/w3c/webauthn/commit/0cf7f1368b920f2253318d42bd56cd35ff195d3b

  Author: =JeffH <jdhodges@google.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  name the protocol (#1335)

* name the protocol

* fix annoying interstitial space


  Commit: ab5e1a0927b8a4bbd3b7d3c40205bd40de5d2b9a
      https://github.com/w3c/webauthn/commit/ab5e1a0927b8a4bbd3b7d3c40205bd40de5d2b9a

  Author: J.C. Jones <jc@mozilla.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix #1285 - Remove icons from PublicKeyCredentialEntity

As discussed in issue #1285, the image URL fields for PublicKeyCredentialEntity,
while intended for user interface design, are potent correlation mechanisms if
they are downloaded by RPs. RPs would have to take extraordinary care, beyond
reasonable measures, to avoid uses by RPs with mal-intent to cross-correlate
accounts. It is better for User Agents to use existing origin/icon mechanisms for
their UX designs, or to define new such mechanisms as-needed, that are
origin-wide rather than provide the possibility to embed detailed tracking
information into these URLs.


  Commit: 2e0fe7a85e4df9a062ea939844a99c2503e989ff
      https://github.com/w3c/webauthn/commit/2e0fe7a85e4df9a062ea939844a99c2503e989ff

  Author: J.C. Jones <jc@mozilla.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #1337 from jcjones/1285-image_deprecation

Fix #1285 - Remove icons from PublicKeyCredentialEntity


  Commit: 340792e937dcab53c3860b220d5b024ace371c24
      https://github.com/w3c/webauthn/commit/340792e937dcab53c3860b220d5b024ace371c24

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Reduce duplicated terminology (#1334)

* Move Assertion def in as an alias under Authentication Assertion

* De-duplicate attestation key/cert terms

* Replace "platform-provided authenticator" with "platform authenticator"

* Replace "internal authenticator" with "platform authenticator"

* Add links to [=client data=]

* Add links to [=credential public key=] and [=attestedCredentialData=]

* Replace "associated with" with "of"

* Define [=WebAuthn signature=]

* Add links to [=attestation signature=]

* De-duplicate "authentication signature"

* Add links to [=authorization gesture=]


  Commit: b0a5340c3df7926c0528cf91a190b0165a23ce68
      https://github.com/w3c/webauthn/commit/b0a5340c3df7926c0528cf91a190b0165a23ce68

  Author: Emil Lundberg <emil@yubico.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:

  Log Message:
  -----------
  Merge remote-tracking branch 'origin/partially_revert_a55edbf892' into reconstructed-master


Compare: https://github.com/w3c/webauthn/compare/6f0e83b2413c%5E...b0a5340c3df7
Received on Wednesday, 6 November 2019 19:24:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:59:08 UTC