- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 11 Sep 2019 16:16:03 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by emlun to https://github.com/w3c/webauthn: * Add “appidExclude” extension. This change adds a registration-only “appidExclude” extension that allows platforms to make excludeCredentials effective when transitioning from U2F. It's a separate extension from “appid” because that extension was documented in level one as being authentication-only and some implementations thus reject it for registration. Also, having an “appid” extension that's effective during registration invites people to believe that it does the “obvious” thing and allows the creation of U2F credentials, which isn't true. Fixes #1235. by Adam Langley https://github.com/w3c/webauthn/commit/62a7b3bb7edbda2a1e346472c606198421b34892 * Address some of Jeff's comments by Adam Langley https://github.com/w3c/webauthn/commit/acf62ad76a9d1d05d710e452c78b178a7f992d22 * apply polish by JeffH https://github.com/w3c/webauthn/commit/485df4999859c06579ac8133b0f84786ca552993 * Merge pull request #3 from agl/appidexclude-jeffh apply polish by Adam Langley https://github.com/w3c/webauthn/commit/8a5917a94dc4918894a8e95df3bcfdbe326adad4 * Merge branch 'master' into appidexclude by JeffH https://github.com/w3c/webauthn/commit/bfba3fe1099fa42211b83679e86d10b168736ec3 * Apply edits suggested in PR #1242 review See https://github.com/w3c/webauthn/pull/1242#pullrequestreview-254659344 by Emil Lundberg https://github.com/w3c/webauthn/commit/dcc510b1b97cbf7be0bbd0f34bcc6598c48ee93d * Merge branch 'master' into issue-1247-use-cases-polish by JeffH https://github.com/w3c/webauthn/commit/b194d3e10bc6a70ce520e51211271f6f897729e8 * Apply suggestions from code review apply @emluyn's polishing, thx! Co-Authored-By: Emil Lundberg <emil@emlun.se> by =JeffH https://github.com/w3c/webauthn/commit/916aad6a6f3167380d4e1c9fcfddc6e36bb05768 * Re-focus resident key definitions around allowCredentials aspect See issue #1197 https://github.com/w3c/webauthn/issues/1197 by Emil Lundberg https://github.com/w3c/webauthn/commit/0690ac75509c2de2e71e0fcda64ea96fd237b155 * Apply suggestions from code review Thanks @equalsJeffH! Co-Authored-By: =JeffH <jdhodges@google.com> by Emil Lundberg https://github.com/w3c/webauthn/commit/0e755d53a9025f41b7124261c4d0257d65fb606c * Apply more suggestions from code review Thanks @equalsJeffH! Co-Authored-By: =JeffH <jdhodges@google.com> by Emil Lundberg https://github.com/w3c/webauthn/commit/5dc3082fcdd4bfdf224a1460516f24208b3ddd26 * Use more accurate terms as pointed out by @equalsJeffH by Emil Lundberg https://github.com/w3c/webauthn/commit/5c82e09be660bfc8b1503d19045164622c3e9a21 * Prettify whitespace by Emil Lundberg https://github.com/w3c/webauthn/commit/8e5819d14abb4267f9007509205ea5022e7b6690 * Use the correct Infra reference for "empty" by Emil Lundberg https://github.com/w3c/webauthn/commit/645538f3220ab85cb31b84d6fb9003e1411ca07d * Rewrite Authenticator Taxonomy introduction Start with some example use cases, and expand on what distinguishes the most interesting use cases from the less interesting ones. by Emil Lundberg https://github.com/w3c/webauthn/commit/edb93f701edf78f588ad18c321af47123fe0edb6 * Change "roam among" to "roam between" by Emil Lundberg https://github.com/w3c/webauthn/commit/63575b2451216ff0e3890c5bdfe6d4be49c9d58c * Clarify platform-authnr-as-roaming description by Emil Lundberg https://github.com/w3c/webauthn/commit/1e9cc109807a56e4d3dc45afbb9ad244e1cc3b9d * Spell out references to single/multi-factor capable To disambiguate from "[=single-factor=] authentication" and "[=multi-factor=] authentication". by Emil Lundberg https://github.com/w3c/webauthn/commit/2e7e3b8b62c7ec04a5af5d7c960978aeb71c63e3 * Add note that resident credentials don't require empty allowCredentials by Emil Lundberg https://github.com/w3c/webauthn/commit/4154a53a90d9a37f4260f928a9ea8cbede7570ac * Move user handle requirements to user.id definition See issue #1252 https://github.com/w3c/webauthn/issues/1252 by Emil Lundberg https://github.com/w3c/webauthn/commit/09b53bb11ed99fc71f61c3b4799db815e917f0a2 * Merge pull request #1254 from w3c/issue-1252-userid-length Move user handle requirements to user.id definition by J.C. Jones https://github.com/w3c/webauthn/commit/d2a4543f4adabd7cafebae70d25fa0480bcc70fd * Merge pull request #1248 from w3c/issue-1247-use-cases-polish Apply edits suggested in PR #1242 review by Emil Lundberg https://github.com/w3c/webauthn/commit/146d35ba3ae6a6376d58b0a008626d378684dc7f * Merge pull request #1249 from w3c/issue-1197-rk Re-focus resident key definitions around allowCredentials aspect by Emil Lundberg https://github.com/w3c/webauthn/commit/3ad7ad71bae0b009fef626d5a7af9f22e418caf5 * Merge pull request #1244 from agl/appidexclude Add “appidExclude” extension. by J.C. Jones https://github.com/w3c/webauthn/commit/4561e48f6c14e2c03c886b99a056ae88654ba717 * Merge branch 'master' into issue-1231-improve-authenticator-taxonomy by Emil Lundberg https://github.com/w3c/webauthn/commit/89bf1c174fdb87e560ab624442d0daa3ece9af7c * link directly to android key attestation schema (#1266) * fix issue #1265 * make link more obvious * Update index.bs Co-Authored-By: Emil Lundberg <emil@yubico.com> by =JeffH https://github.com/w3c/webauthn/commit/fc01edc4c9264c113c48acfb60618b66fe011952 * Add note about decoding U2F keyhandles. (#1272) * Add note about decoding U2F keyhandles. U2F key handles need to be base64url decoded before being used as ArrayBuffers in WebAuthn calls. This isn't completely obvious so this change adds a clarification to the appid and appidExclude extensions. * Address Jeff's comments by linking to [=base64url encoding=] by Adam Langley https://github.com/w3c/webauthn/commit/2a50293d3d79e718606def99b2776b8c6bbdb15e * updated attstation object figure for proper CBOR key ordering (#1278) by =JeffH https://github.com/w3c/webauthn/commit/ea9d4a8d180f49e7ba213f273a7a89d53866de1e * Clarify the U2F attestation verification. (#1280) Fixes #1279. by Adam Langley https://github.com/w3c/webauthn/commit/0cc6d70009cd6c481cedd46bed5d6c63da0caabe * Add RP ops step of storing new credential counter by Emil Lundberg https://github.com/w3c/webauthn/commit/6ca8bed43a405f67fcf9c2808edead1e6dab3b1b * Fix #1268 Type transport strings as DOMStrings. (#1275) * Type transport strings as DOMStrings. Currently transports are represented as an enum. However, WebIDL has strict enums. (I.e. an RP which sent an unrecognised transport would make the whole structure unparsable.) This means that every time we add a transport, we break all existing browsers. In order to address this, this change retypes transports as plain DOMStrings. The AuthenticatorTransport enum still exists, but now only as documentation and registry — not as a factor in type-checking. * Address Emil's comment Fixes #1268. * Address Jeff's comments. by Adam Langley https://github.com/w3c/webauthn/commit/b75aef303aef18aeb0700740dfa4e4c0fa75eda7 * Add lightning transport (#1264) * Update index.bs Add lightning transport Fixes #1261 * Update index.bs Fix missing comma by John Bradley https://github.com/w3c/webauthn/commit/30d3e9f0d2b11116626cd13735857bb3c0f6b797 * Address some of @equalsJeffH's review comments by Emil Lundberg https://github.com/w3c/webauthn/commit/7d255653d26bb8deeb8b39b268a682b30ae3e121 * Merge pull request #1270 from w3c/issue-1231-improve-authenticator-taxonomy Improve authenticator taxonomy section by Emil Lundberg https://github.com/w3c/webauthn/commit/aded02035e6e63fc58f7508c21e70079b72fb0d2 * fix #1277: webauthn -> publickey-credentials (#1284) by =JeffH https://github.com/w3c/webauthn/commit/97e659db6621dced069e4263ced5c97cfeaeca46 * Merge pull request #1288 from w3c/issue-1282-rp-initialize-sigcount Add RP ops step of storing new credential counter by Emil Lundberg https://github.com/w3c/webauthn/commit/8667dbe39baceb09baea3bf6bd467752bfc35cf9 * (Deja vu) webauthn => publickey-credentials (#1295) by Robert Linder https://github.com/w3c/webauthn/commit/4b3638814bd9cb1dc7e575f8d6094d52d3e3ed56 * Merge branch 'master' into issue-1246-credentialid-privacy-leak by Emil Lundberg https://github.com/w3c/webauthn/commit/a52771d18edf0b580bc7e3c1549e14d43f1ffc13
Received on Wednesday, 11 September 2019 16:16:07 UTC