public-webauthn@w3.org from October 2019 by subject

10/02/2019 W3C Web Authentication WG Meeting Agenda

10/09/2019 W3C Web Authentication WG Meeting Agenda

10/16/2019 W3C Web Authentication WG Meeting Agenda

10/23/2019 W3C Web Authentication WG Meeting Agenda

10/30/2019 W3C Web Authentication WG Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 00114e: ack Nina (automation/webdriver) (#1310)

[w3c/webauthn] 03f840: name the protocol (#1335)

[w3c/webauthn] 0670cc: Add links to API introduction from ceremony defs

[w3c/webauthn] 09f59c: Update note in RP definition to indicate that non-...

[w3c/webauthn] 0ac7f0: Built by Travis-CI: 288cf58bed6d7967fd995d830ebf54...

[w3c/webauthn] 0ff0f9: name the protocol

[w3c/webauthn] 101146: Incorporate suggestion by @FabianHenneke

[w3c/webauthn] 10cc31: Enhance spec roadmap section

[w3c/webauthn] 127198: Built by Travis-CI: a1d4e065943ad6541475279907fae3...

[w3c/webauthn] 138f14: Built by Travis-CI: 28e8d9d1e5e69470e052b2dcc427a6...

[w3c/webauthn] 1c6c9c: Fix off-by-factor-10 timeout example

[w3c/webauthn] 1cdc30: TimeoutSuggestions

[w3c/webauthn] 22a9ff: Built by Travis-CI: 03f840658c7667029e9a20dcce8989...

[w3c/webauthn] 243d8f: Explicitly mention running over TLS in WebAuthn AP...

[w3c/webauthn] 24ecf5: Formalise beginning of RP ops

[w3c/webauthn] 2692f1: Built by Travis-CI: 831fca24174e1be656696d2f699eae...

[w3c/webauthn] 2ce473: ack Nina (automation/webdriver)

[w3c/webauthn] 2e44e6: Built by Travis-CI: a55edbf89206dc329d160abf7e9eb6...

[w3c/webauthn] 35c25d: Add batch attestation as alias of basic attestation

[w3c/webauthn] 36fe4e: Add note about use of floating point in extensions...

[w3c/webauthn] 3701cc: Built by Travis-CI: 88468caec499992ccbafafc8b9ca3f...

[w3c/webauthn] 3e864c: Address @equalsJeffH's review comments

[w3c/webauthn] 418053: Built by Travis-CI: fc62216d8a9f50faf0eca5bbf7dbe9...

[w3c/webauthn] 428bf8: Truncate strings for authenticators where needed. ...

[w3c/webauthn] 4304ea: Automation: AddVirtualAuthenticator

[w3c/webauthn] 443859: evauated -> evaluated

[w3c/webauthn] 488f47: Built by Travis-CI: 597abf93b0553b96e41b0f8280e295...

[w3c/webauthn] 48ff6d: Built by Travis-CI: 688582582e6c7fc85d74b2ac5ce110...

[w3c/webauthn] 4d16a3: Clarify that RP is split into server and script

[w3c/webauthn] 4ec28b: Update timeout examples to better agree with guide...

[w3c/webauthn] 50a22e: Add explanatory note to step 3 in authenticatorMak...

[w3c/webauthn] 5492d9: Built by Travis-CI: 976391dcba2bd7af6ea204e1a24ef8...

[w3c/webauthn] 5625b4: Move Assertion def in as an alias under Authentica...

[w3c/webauthn] 562caf: Update CDDL reference

[w3c/webauthn] 56ed99: Update timeout examples to better agree with guide...

[w3c/webauthn] 577c0a: Built by Travis-CI: fc62216d8a9f50faf0eca5bbf7dbe9...

[w3c/webauthn] 5bb839: Built by Travis-CI: 5dbea683ac4651254896c9080cbf71...

[w3c/webauthn] 5d4313: Enrichen registration and authentication ceremonie...

[w3c/webauthn] 6b03c6: revise draft-hodges-webauthn-registries per AD rev...

[w3c/webauthn] 6bb9b1: fix error in .xml, update .html & .txt to match .xml

[w3c/webauthn] 6f0e83: begin addressing AD comments

[w3c/webauthn] 717fd3: Built by Travis-CI: a55edbf89206dc329d160abf7e9eb6...

[w3c/webauthn] 76bc7e: Built by Travis-CI: 88468caec499992ccbafafc8b9ca3f...

[w3c/webauthn] 7a9fcc: Built by Travis-CI: df1808614580fc73dbdcd40992f1d1...

[w3c/webauthn] 7e6648: Built by Travis-CI: 03f840658c7667029e9a20dcce8989...

[w3c/webauthn] 7f1f3e: Use CSS numbering for table references too (#1324)

[w3c/webauthn] 7f5f54: Built by Travis-CI: 6b03c655991eadcdc6f13de46dde29...

[w3c/webauthn] 8327ed: Built by Travis-CI: 5dbea683ac4651254896c9080cbf71...

[w3c/webauthn] 847ae9: Unbreak <figcaption>s for tables

[w3c/webauthn] 850ec6: Add security consideration on client-authnr direct...

[w3c/webauthn] 864521: Align with RFC8288, rather than draft-nottingham-r...

[w3c/webauthn] 88292b: minor editorial

[w3c/webauthn] 88468c: Use CSS numbering for table references too (#1324)

[w3c/webauthn] 947e81: update .txt .html to be actual rendered versions o...

[w3c/webauthn] 97411d: Create a way to reference the following figure (#1...

[w3c/webauthn] a038ea: Built by Travis-CI: 688582582e6c7fc85d74b2ac5ce110...

[w3c/webauthn] a05564: Built by Travis-CI: 597abf93b0553b96e41b0f8280e295...

[w3c/webauthn] a13cfb: Built by Travis-CI: 97411db5d75aa041cffb304e89cbcd...

[w3c/webauthn] a14e11: Minor updates based on reviewer feedback.

[w3c/webauthn] a1d4e0: feature policy integ: add link to (#1328)

[w3c/webauthn] a3991a: fix annoying interstitial space

[w3c/webauthn] a506a7: Built by Travis-CI: 904e09e396fe883d14678f56cf0abf...

[w3c/webauthn] a55edb: Align with RFC8288, update .txt & .html to be actu...

[w3c/webauthn] a7da25: Update CDDL reference

[w3c/webauthn] ae8be3: re-alphabetize 'Contributors'

[w3c/webauthn] b57ffb: Built by Travis-CI: df1808614580fc73dbdcd40992f1d1...

[w3c/webauthn] b58f3a: Add definition link to "bound" term

[w3c/webauthn] b5c400: Timeout considerations (#1317)

[w3c/webauthn] b66dce: Built by Travis-CI: 428bf827db5fa8d45865fcce7a4142...

[w3c/webauthn] c5faf2: Built by Travis-CI: b5c400104b3fb9c8eaac5cbea63474...

[w3c/webauthn] c6df5f: feature policy integ: add link to

[w3c/webauthn] c7406d: Truncate strings for authenticators where needed.

[w3c/webauthn] c7e44f: Add privacy considerations about credential IDs (#...

[w3c/webauthn] cc9540: editorial: fixup line-ending char, indentation, so...

[w3c/webauthn] cd5216: Remove note about UV verifying the same user in ge...

[w3c/webauthn] dbcf59: Fix #1285 - Remove icons from PublicKeyCredentialE...

[w3c/webauthn] dd9121: update rendered .txt & .html to match .xml: these ...

[w3c/webauthn] de3263: one more time: evauated -> evaluated

[w3c/webauthn] de9a4f: Revert "Rename .figure-num-* to .figure-ref-*"

[w3c/webauthn] e032e0: Built by Travis-CI: a1d4e065943ad6541475279907fae3...

[w3c/webauthn] e2b800: Replace "platform-provided authenticator" with "pl...

[w3c/webauthn] e4f3f0: Generate "Figure" text in .figure-num-following

[w3c/webauthn] e5a4fc: Built by Travis-CI: 976391dcba2bd7af6ea204e1a24ef8...

[w3c/webauthn] e7e11c: Focus privacy leak more on second-factor than non-...

[w3c/webauthn] ea3419: Seconds to Milliseconds

[w3c/webauthn] ed30ba: Built by Travis-CI: 831fca24174e1be656696d2f699eae...

[w3c/webauthn] f2aff3: Built by Travis-CI: 428bf827db5fa8d45865fcce7a4142...

[w3c/webauthn] f2c92d: Built by Travis-CI: b5c400104b3fb9c8eaac5cbea63474...

[w3c/webauthn] f47aa6: Built by Travis-CI: 97411db5d75aa041cffb304e89cbcd...

[w3c/webauthn] f80bb5: Add CSS class .figure-num-previous

[w3c/webauthn] ff8f32: Built by Travis-CI: 904e09e396fe883d14678f56cf0abf...

[webauthn] 14.6.3. Privacy leak via credential IDs (#1311)

[webauthn] ack Nina (automation/webdriver) (#1310)

[webauthn] add indication of cross-origin operation in `collectedClientData` (#1276)

[webauthn] Add note about use of floating point in extensions passed through that clients do not recognize (#1307)

[webauthn] Add to sec cons a brief discussion of the sec properties accrued by authnr & client platform proximity (#1257)

[webauthn] Add to sec cons a brief discussion of the sec properties accrued by authnr & client platform proximity (#1333)

[webauthn] cccccclllifvgblhcutfdjckfbcdnvvjbvuvicekccft (#1315)

[webauthn] Clarify how a user can authenticate from multiple devices (#151)

[webauthn] Clarify relation between requireUserVerification values for MakeCredential and GetAssertion (#1305)

[webauthn] Clarify Relying Party Server or Server (#1309)

[webauthn] Clearly define the way how RP handles the extensions (#1258)

[webauthn] Consider allowing RPs to indicate that they want platform authenticators to be synced across devices (#969)

[webauthn] Consider rewording restrictions around origin (#1297)

[webauthn] Consider whether browsers should truncate `name` and `displayName`. (#1296)

[webauthn] Create a way to reference the following figure (#1323)

[webauthn] Eliminate duplicate terminology (#358)

[webauthn] Enrichen registration and authentication ceremonies definitions (#1330)

[webauthn] Explicitly prohibit use of WebAuthn from non-visible cross-origin iframes (#1303)

[webauthn] Fix #1285 - Remove icons from PublicKeyCredentialEntity (#1337)

[webauthn] Integrate with Feature Policy and possibly Permissions and define appropriate identifier value for WebAuthn (#911)

[webauthn] Low timeout bounds for inline bio enrollment of FIDO2 keys (#1286)

[webauthn] Merged Pull Request: ack Nina (automation/webdriver)

[webauthn] Merged Pull Request: Add a WebDriver Virtual Authenticator extension

[webauthn] Merged Pull Request: Add batch attestation as alias of basic attestation

[webauthn] Merged Pull Request: Add explanatory note to step 3 in authenticatorMakeCredential

[webauthn] Merged Pull Request: Add note about use of floating point in extensions passed through that clients do not recognize

[webauthn] Merged Pull Request: Add privacy considerations about credential IDs

[webauthn] Merged Pull Request: Align with RFC8288, update .txt & .html to be actual rendered versions of .xml

[webauthn] Merged Pull Request: Clarify assumptions about single-user authenticator and relation to UV

[webauthn] Merged Pull Request: Clarify that RP is split into server and script

[webauthn] Merged Pull Request: Create a way to reference the following figure

[webauthn] Merged Pull Request: Enhance spec roadmap section

[webauthn] Merged Pull Request: Explicitly mention running over TLS in WebAuthn API intro

[webauthn] Merged Pull Request: feature policy integration: add link to "allowed to use"

[webauthn] Merged Pull Request: Fix #1285 - Remove icons from PublicKeyCredentialEntity

[webauthn] Merged Pull Request: name the protocol

[webauthn] Merged Pull Request: Re-merge PR #1324

[webauthn] Merged Pull Request: Recommend RPs to store transport hints

[webauthn] Merged Pull Request: revise draft-hodges-webauthn-registries per AD review and initiate work on rev -03

[webauthn] Merged Pull Request: Timeout considerations

[webauthn] Merged Pull Request: Truncate strings for authenticators where needed.

[webauthn] Merged Pull Request: Update CDDL reference

[webauthn] Merged Pull Request: Update timeout examples to better agree with guidelines

[webauthn] Merged Pull Request: Use CSS numbering for table references too

[webauthn] name the protocol (#1335)

[webauthn] new commits pushed by agl

[webauthn] new commits pushed by akshayku

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by equalsJeffH

[webauthn] new commits pushed by jcjones

[webauthn] new commits pushed by sbweeden

[webauthn] new commits pushed by selfissued

[webauthn] new commits pushed by WebAuthnBot

[webauthn] Prohibit Create Credential from cross-origin iframes (#1336)

[webauthn] Pull Request: ack Nina (automation/webdriver)

[webauthn] Pull Request: Add batch attestation as alias of basic attestation

[webauthn] Pull Request: Add explanatory note to step 3 in authenticatorMakeCredential

[webauthn] Pull Request: Add to sec cons a brief discussion of the sec properties accrued by authnr & client platform proximity

[webauthn] Pull Request: Align with RFC8288, update .txt & .html to be actual rendered versions of .xml

[webauthn] Pull Request: Clarify assumptions about single-user authenticator and relation to UV

[webauthn] Pull Request: Clarify that RP is split into server and script

[webauthn] Pull Request: Create a way to reference the following figure

[webauthn] Pull Request: Enrichen registration and authentication ceremonies definitions

[webauthn] Pull Request: Explicitly mention running over TLS in WebAuthn API intro

[webauthn] Pull Request: feature policy integration: add link to "allowed to use"

[webauthn] Pull Request: Fix #1285 - Remove icons from PublicKeyCredentialEntity

[webauthn] Pull Request: Issue 1100 spec roadmap

[webauthn] Pull Request: name the protocol

[webauthn] Pull Request: Re-merge PR #1324

[webauthn] Pull Request: Reduce duplicated terminology

[webauthn] Pull Request: revise draft-hodges-webauthn-registries per AD review and initiate work on rev -03

[webauthn] Pull Request: Timeout considerations

[webauthn] Pull Request: Truncate strings for authenticators where needed.

[webauthn] Pull Request: Update CDDL reference

[webauthn] Pull Request: Update timeout examples to better agree with guidelines

[webauthn] Pull Request: Use CSS numbering for table references too

[webauthn] Re-merge PR #1324 (#1338)

[webauthn] Recovering from Device Loss (#931)

[webauthn] Reduce duplicated terminology (#1334)

[webauthn] Refer to IntersectionObserver from the Security Considerations (#1105)

[webauthn] Requiring user gesture to call WebAuthn API (#1293)

[webauthn] revise draft-hodges-webauthn-registries per AD review and initiate work on rev -03 (#1322)

[webauthn] RP guidance for `invalidStateError` returned from `[[Create]]()` (#1331)

[webauthn] Specify if clients are expected to follow redirects for icon URLs (#1285)

[webauthn] Timeout considerations (#1317)

[webauthn] Truncate strings for authenticators where needed. (#1316)

[webauthn] undefined terms and terms we really ought to define (#462)

[webauthn] Underspecified client output in `exts` extension (#1314)

[webauthn] update CDDL reference (#1206)

[webauthn] update timeout values in examples (due to new timeout value recommendations) ? (#1318)

[webauthn] Use CSS numbering for table references too (#1324)

Closed: [webauthn] add explanatory note to step 3 in authenticatorMakeCredential Operation (#1133)

Closed: [webauthn] add term "batch attestation" synonymous with "basic attestation"... (#1260)

Closed: [webauthn] cccccclllifvgblhcutfdjckfbcdnvvjbvuvicekccft (#1315)

Closed: [webauthn] Certain issues in client extension pass-through specification (#1273)

Closed: [webauthn] Clarify relation between requireUserVerification values for MakeCredential and GetAssertion (#1305)

Closed: [webauthn] Clarify Relying Party Server or Server (#1309)

Closed: [webauthn] Consider rewording restrictions around origin (#1297)

Closed: [webauthn] Consider whether browsers should truncate `name` and `displayName`. (#1296)

Closed: [webauthn] Create a WebDriver Virtual Authenticator extension to allow automated testing (#1236)

Closed: [webauthn] enhance spec roadmap section (#1100)

Closed: [webauthn] explicitly mention running over TLS in WebAuthn API intro (#1201)

Closed: [webauthn] finish up on "provide transport info during registration" (#1188)

Closed: [webauthn] Low timeout bounds for inline bio enrollment of FIDO2 keys (#1286)

Closed: [webauthn] Privacy leak via credential IDs also applies to resident credentials (#1311)

Closed: [webauthn] Privacy risk from revealing allowed credentials (#1246)

Closed: [webauthn] Refer to IntersectionObserver from the Security Considerations (#1105)

Closed: [webauthn] Specify if clients are expected to follow redirects for icon URLs (#1285)

Closed: [webauthn] update CDDL reference (#1206)

Closed: [webauthn] update timeout values in examples (due to new timeout value recommendations) ? (#1318)

COSE and JOSE Registrations for WebAuthn Algorithms spec addressing WGLC comments

Fwd: New Version Notification for draft-hodges-webauthn-registries-03.txt

Modal Dialog Proposal

Thanks for TPAC meeting; Request for minutes URI?

Web Authentication Working Group Revised Charter Approved; Call for Participation

Last message date: Wednesday, 30 October 2019 23:10:29 UTC