public-webauthn@w3.org from September 2019 by subject

09/04/2019 W3C Web Authentication WG Meeting Agenda

• Shane B Weeden (Wednesday, 4 September)
• Anthony Nadalin (Tuesday, 3 September)
• Anthony Nadalin (Tuesday, 3 September)

09/11/2019 W3C Web Authentication WG Meeting Agenda

• Anthony Nadalin (Wednesday, 11 September)

[Reminder] Call for Exclusions: Web Authentication:An API for accessing Public Key Credentials Level 2

• sysbot+ipp@w3.org (Tuesday, 3 September)

[w3c/webauthn]

• Emil Lundberg (Friday, 20 September)
• =JeffH (Friday, 20 September)
• Emil Lundberg (Wednesday, 4 September)
• Emil Lundberg (Wednesday, 4 September)

[w3c/webauthn] 01ccc4: Make reason for credID privacy leak more precise a...

• Emil Lundberg (Thursday, 5 September)

[w3c/webauthn] 0c7673: fix publickey-credentials feature identifier tag

• =JeffH (Monday, 16 September)

[w3c/webauthn] 0cdae3: Built by Travis-CI: 8667dbe39baceb09baea3bf6bd4677...

• WebAuthnBot (Wednesday, 4 September)

[w3c/webauthn] 124347: Formalise beginning of RP ops

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] 18b9fa: Add editor comment about <span> for old anchor

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] 24ecf5: Formalise beginning of RP ops

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] 2b435a: fix publickey-credentials feature identifier tag (...

• =JeffH (Friday, 20 September)

[w3c/webauthn] 498f25: Built by Travis-CI: aded02035e6e63fc58f7508c21e700...

• WebAuthnBot (Wednesday, 4 September)

[w3c/webauthn] 4b3638: (Deja vu) webauthn => publickey-credentials (#1295)

• Robert Linder (Monday, 9 September)

[w3c/webauthn] 50b086: Built by Travis-CI: 8ed793fa733bb50481ff5dd791e9f7...

• WebAuthnBot (Friday, 20 September)

[w3c/webauthn] 5f3f98: Address @equalsJeffH's review comments

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] 62a7b3: Add “appidExclude” extension.

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] 686882: Built by Travis-CI: 4b3638814bd9cb1dc7e575f8d6094d...

• WebAuthnBot (Monday, 9 September)

[w3c/webauthn] 6ca8be: Add RP ops step of storing new credential counter

• Emil Lundberg (Wednesday, 4 September)

[w3c/webauthn] 71f92c: Propose second-factor use case as mitigation for u...

• Emil Lundberg (Wednesday, 4 September)

[w3c/webauthn] 7d2556: Address some of @equalsJeffH's review comments

• Emil Lundberg (Wednesday, 4 September)

[w3c/webauthn] 808af0: Built by Travis-CI: 2b435a77f7ab5968e1713accaf5a76...

• WebAuthnBot (Friday, 20 September)

[w3c/webauthn] 82c51c: Built by Travis-CI: 8ed793fa733bb50481ff5dd791e9f7...

• WebAuthnBot (Friday, 20 September)

[w3c/webauthn] 8d7a3e: Built by Travis-CI: 8667dbe39baceb09baea3bf6bd4677...

• WebAuthnBot (Wednesday, 4 September)

[w3c/webauthn] 8ed793: Divide security/privacy considerations into subsec...

• Emil Lundberg (Friday, 20 September)

[w3c/webauthn] 97e659: fix #1277: webauthn -> publickey-credentials (#1284)

• =JeffH (Wednesday, 4 September)

[w3c/webauthn] ae1f64: Built by Travis-CI: 32c216ce37122d9499ebdebc660d0b...

• WebAuthnBot (Wednesday, 11 September)

[w3c/webauthn] b24098: Built by Travis-CI: 4b3638814bd9cb1dc7e575f8d6094d...

• WebAuthnBot (Monday, 9 September)

[w3c/webauthn] b29e0e: Built by Travis-CI: 97e659db6621dced069e4263ced5c9...

• WebAuthnBot (Wednesday, 4 September)

[w3c/webauthn] bba65a: Address @manger's comment about 'single-factor'

• Emil Lundberg (Monday, 2 September)

[w3c/webauthn] d11947: Divide security/privacy considerations into subsec...

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] d3e06d: Built by Travis-CI: 32c216ce37122d9499ebdebc660d0b...

• WebAuthnBot (Wednesday, 11 September)

[w3c/webauthn] f054fe: Built by Travis-CI: 2b435a77f7ab5968e1713accaf5a76...

• WebAuthnBot (Friday, 20 September)

[w3c/webauthn] f599d9: Mention getTransports() in PublicKeyCredentialDesc...

• Emil Lundberg (Wednesday, 11 September)

[w3c/webauthn] fcce61: Initial proposal to address #1287 by relaxing the ...

• Anthony Nadalin (Wednesday, 11 September)

[webauthn] (Deja vu) webauthn => publickey-credentials (#1295)

• Robert Linder via GitHub (Saturday, 7 September)

[webauthn] Add a WebDriver Virtual Authenticator extension (#1256)

• Akshay Kumar via GitHub (Wednesday, 11 September)
• jabazorius via GitHub (Tuesday, 10 September)
• J.C. Jones via GitHub (Tuesday, 10 September)
• =JeffH via GitHub (Tuesday, 10 September)
• J.C. Jones via GitHub (Thursday, 5 September)
• J.C. Jones via GitHub (Wednesday, 4 September)
• J.C. Jones via GitHub (Tuesday, 3 September)

[webauthn] add indication of embedded and cross-origin operation in `collectedClientData` (#1271)

• Bart via GitHub (Thursday, 5 September)

[webauthn] Add note about use of floating point in extensions passed through that clients do not recognize (#1307)

• Peter Occil via GitHub (Wednesday, 25 September)
• Emil Lundberg via GitHub (Wednesday, 25 September)
• Peter Occil via GitHub (Tuesday, 24 September)

[webauthn] Add privacy considerations about credential IDs (#1250)

• Akshay Kumar via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• =JeffH via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Max Hata via GitHub (Thursday, 5 September)
• Emil Lundberg via GitHub (Thursday, 5 September)
• Max Hata via GitHub (Thursday, 5 September)
• Emil Lundberg via GitHub (Thursday, 5 September)
• Max Hata via GitHub (Thursday, 5 September)

[webauthn] Certain issues in client extension pass-through specification (#1273)

• Mike Jones via GitHub (Tuesday, 24 September)
• Anthony Nadalin via GitHub (Friday, 20 September)
• Anthony Nadalin via GitHub (Friday, 20 September)

[webauthn] Clarify relation between requireUserVerification values for MakeCredential and GetAssertion (#1305)

• Fabian Henneke via GitHub (Saturday, 21 September)

[webauthn] Conflict between WebAuthn and CTAP2 handling of userVerification mapping (#1306)

• Fabian Henneke via GitHub (Saturday, 21 September)

[webauthn] Consider rewording restrictions around origin (#1297)

• Anthony Nadalin via GitHub (Friday, 20 September)
• =JeffH via GitHub (Friday, 20 September)
• Ackermann Yuriy (Wednesday, 18 September)
• Shane Weeden via GitHub (Wednesday, 18 September)
• Ackermann Yuriy via GitHub (Wednesday, 18 September)
• Shane Weeden via GitHub (Wednesday, 18 September)
• Ackermann Yuriy via GitHub (Wednesday, 18 September)
• Shane Weeden via GitHub (Saturday, 14 September)
• Adam Langley via GitHub (Saturday, 14 September)
• Shane Weeden via GitHub (Tuesday, 10 September)

[webauthn] Consider whether browsers should truncate `name` and `displayName`. (#1296)

• Lucas Garron via GitHub (Friday, 13 September)
• Adam Langley via GitHub (Tuesday, 10 September)

[webauthn] Divide security/privacy considerations into subsections by audience (#1298)

• Emil Lundberg via GitHub (Wednesday, 11 September)
• =JeffH via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)

[webauthn] Explicitly prohibit use of WebAuthn from non-visible cross-origin iframes (#1303)

• Anthony Nadalin via GitHub (Friday, 20 September)
• Akshay Kumar via GitHub (Friday, 20 September)
• J.C. Jones via GitHub (Friday, 20 September)

[webauthn] How do I use a smart phone as an authenticator when the web application is running on a laptop/desktop? (#954)

• Matteo via GitHub (Saturday, 21 September)

[webauthn] Improve authenticator taxonomy section (#1270)

• =JeffH via GitHub (Wednesday, 4 September)

[webauthn] Integrate with Feature Policy and possibly Permissions and define appropriate identifier value for WebAuthn (#911)

• Anders Rundgren via GitHub (Thursday, 5 September)

[webauthn] Length restriction on user handles has no processing model associated with it (#1302)

• =JeffH via GitHub (Friday, 20 September)
• Boris Zbarsky via GitHub (Wednesday, 18 September)
• Boris Zbarsky via GitHub (Wednesday, 18 September)

[webauthn] Low timeout bounds for inline bio enrollment of FIDO2 keys (#1286)

• Akshay Kumar via GitHub (Wednesday, 11 September)

[webauthn] Merged Pull Request: (Deja vu) webauthn => publickey-credentials

• =JeffH via GitHub (Monday, 9 September)

[webauthn] Merged Pull Request: Add RP ops step of storing new credential counter

• Emil Lundberg via GitHub (Wednesday, 4 September)

[webauthn] Merged Pull Request: Divide security/privacy considerations into subsections by audience

• =JeffH via GitHub (Friday, 20 September)

[webauthn] Merged Pull Request: fix publickey-credentials feature identifier tag

• =JeffH via GitHub (Friday, 20 September)

[webauthn] Merged Pull Request: Improve authenticator taxonomy section

• Emil Lundberg via GitHub (Wednesday, 4 September)

[webauthn] Merged Pull Request: Initial proposal to fix #1287

• Anthony Nadalin via GitHub (Wednesday, 11 September)

[webauthn] Merged Pull Request: rename feature-identifier token: webauthn -> publickey-credentials (fix #1277)

• =JeffH via GitHub (Wednesday, 4 September)

[webauthn] Minor cleanups from PR 1270 review (#1291)

• Emil Lundberg via GitHub (Wednesday, 4 September)

[webauthn] More explicitly document use cases. (#1300)

• Adam Langley via GitHub (Thursday, 12 September)

[webauthn] new commits pushed by emlun

• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Wednesday, 11 September)
• Emil Lundberg via GitHub (Thursday, 5 September)
• Emil Lundberg via GitHub (Wednesday, 4 September)
• Emil Lundberg via GitHub (Wednesday, 4 September)
• Emil Lundberg via GitHub (Wednesday, 4 September)
• Emil Lundberg via GitHub (Monday, 2 September)

[webauthn] new commits pushed by equalsJeffH

• =JeffH via GitHub (Friday, 20 September)
• =JeffH via GitHub (Friday, 20 September)
• =JeffH via GitHub (Monday, 16 September)
• =JeffH via GitHub (Monday, 9 September)
• =JeffH via GitHub (Wednesday, 4 September)

[webauthn] new commits pushed by nadalin

• Anthony Nadalin via GitHub (Wednesday, 11 September)

[webauthn] new commits pushed by WebAuthnBot

• WebAuthnBot via GitHub (Friday, 20 September)
• WebAuthnBot via GitHub (Friday, 20 September)
• WebAuthnBot via GitHub (Friday, 20 September)
• WebAuthnBot via GitHub (Friday, 20 September)
• WebAuthnBot via GitHub (Wednesday, 11 September)
• WebAuthnBot via GitHub (Wednesday, 11 September)
• WebAuthnBot via GitHub (Monday, 9 September)
• WebAuthnBot via GitHub (Monday, 9 September)
• WebAuthnBot via GitHub (Wednesday, 4 September)
• WebAuthnBot via GitHub (Wednesday, 4 September)
• WebAuthnBot via GitHub (Wednesday, 4 September)
• WebAuthnBot via GitHub (Wednesday, 4 September)

[webauthn] Pull Request: (Deja vu) webauthn => publickey-credentials

• Robert Linder via GitHub (Saturday, 7 September)

[webauthn] Pull Request: Add note about use of floating point in extensions passed through that clients do not recognize

• Mike Jones via GitHub (Tuesday, 24 September)

[webauthn] Pull Request: Divide security/privacy considerations into subsections by audience

• Emil Lundberg via GitHub (Wednesday, 11 September)

[webauthn] Pull Request: fix publickey-credentials feature identifier tag

• =JeffH via GitHub (Monday, 16 September)

[webauthn] Pull Request: More explicitly document use cases.

• Adam Langley via GitHub (Thursday, 12 September)

[webauthn] Pull Request: Recommend RPs to store transport hints

• Emil Lundberg via GitHub (Wednesday, 11 September)

[webauthn] Recovering from Device Loss (#931)

• Emil Lundberg via GitHub (Friday, 20 September)
• Emil Lundberg via GitHub (Friday, 20 September)

[webauthn] Removing “lightning” from AuthenticatorTransport (#1294)

• =JeffH via GitHub (Friday, 20 September)
• J.C. Jones via GitHub (Friday, 20 September)
• =JeffH via GitHub (Friday, 20 September)
• Jiewen Tan via GitHub (Wednesday, 18 September)
• John Bradley via GitHub (Thursday, 12 September)
• John Bradley via GitHub (Thursday, 12 September)
• Christiaan Brand via GitHub (Thursday, 12 September)
• John Bradley via GitHub (Wednesday, 11 September)
• Maciej Stachowiak via GitHub (Wednesday, 11 September)
• John Bradley via GitHub (Wednesday, 11 September)
• jabazorius via GitHub (Tuesday, 10 September)
• David Waite via GitHub (Tuesday, 10 September)
• Emil Lundberg via GitHub (Tuesday, 10 September)
• Maciej Stachowiak via GitHub (Tuesday, 10 September)
• Adam Langley via GitHub (Tuesday, 10 September)
• Jiewen Tan via GitHub (Tuesday, 10 September)
• Adam Langley via GitHub (Monday, 9 September)
• Maciej Stachowiak via GitHub (Sunday, 8 September)
• John Bradley via GitHub (Sunday, 8 September)
• Jiewen Tan via GitHub (Friday, 6 September)
• David Waite via GitHub (Thursday, 5 September)
• John Bradley via GitHub (Thursday, 5 September)
• Jiewen Tan via GitHub (Thursday, 5 September)
• Ki-Eun Shin via GitHub (Thursday, 5 September)
• Jiewen Tan via GitHub (Thursday, 5 September)
• John Bradley via GitHub (Wednesday, 4 September)
• Adam Langley via GitHub (Wednesday, 4 September)
• Jiewen Tan via GitHub (Wednesday, 4 September)

[webauthn] rename feature-identifier token: webauthn -> publickey-credentials (fix #1277) (#1284)

• Rolf Lindemann via GitHub (Wednesday, 4 September)
• =JeffH via GitHub (Wednesday, 4 September)

[webauthn] Requiring user gesture to call WebAuthn API (#1293)

• Ki-Eun Shin via GitHub (Thursday, 19 September)
• Jiewen Tan via GitHub (Wednesday, 18 September)
• Akshay Kumar via GitHub (Wednesday, 18 September)
• =JeffH via GitHub (Wednesday, 11 September)
• Jiewen Tan via GitHub (Friday, 6 September)
• Rolf Lindemann via GitHub (Thursday, 5 September)
• Jiewen Tan via GitHub (Wednesday, 4 September)

[webauthn] Specify authenticator attachment for authentication operation (#1267)

• Christiaan Brand via GitHub (Saturday, 21 September)

[webauthn] Specify if clients are expected to follow redirects for icon URLs (#1285)

• J.C. Jones via GitHub (Friday, 20 September)
• Anthony Nadalin via GitHub (Friday, 20 September)
• David Waite via GitHub (Tuesday, 3 September)
• John Bradley via GitHub (Tuesday, 3 September)
• Emil Lundberg via GitHub (Monday, 2 September)

[webauthn] Supply an “intention" member in PublicKeyCredentialCreationOptions dictionary (#1292)

• Ki-Eun Shin via GitHub (Thursday, 19 September)
• Akshay Kumar via GitHub (Wednesday, 18 September)
• Jiewen Tan via GitHub (Wednesday, 18 September)
• Adam Langley via GitHub (Friday, 13 September)
• Maciej Stachowiak via GitHub (Wednesday, 11 September)
• =JeffH via GitHub (Wednesday, 11 September)
• John Bradley via GitHub (Friday, 6 September)
• Jiewen Tan via GitHub (Thursday, 5 September)
• Ki-Eun Shin via GitHub (Thursday, 5 September)
• Lucas Garron via GitHub (Wednesday, 4 September)
• Jiewen Tan via GitHub (Wednesday, 4 September)

[webauthn] way to return a platform specific Name for the thing that gets registered. (#1304)

• Rolf Lindemann via GitHub (Friday, 20 September)

[webauthn] webauthn should have the ability to cross platform (#1290)

• Emil Lundberg via GitHub (Monday, 2 September)

[webauthn] What if the user has no displayName? (#1283)

• Lucas Garron via GitHub (Friday, 13 September)

Closed: [webauthn] Browsers adding extensions. (#1287)

• Anthony Nadalin via GitHub (Wednesday, 11 September)

Closed: [webauthn] Divide Security/Privacy Considerations into subsections by audience? (#1039)

• =JeffH via GitHub (Friday, 20 September)

Closed: [webauthn] Missing RP ops step: initialise signature counter (#1282)

• Emil Lundberg via GitHub (Wednesday, 4 September)

Closed: [webauthn] Poor documentation of how authnr aspects (platform, UV, RK) interact (#1231)

• Emil Lundberg via GitHub (Wednesday, 4 September)

Closed: [webauthn] rename "webauthn" feature policy token to "publickey-credentials" (#1277)

• =JeffH via GitHub (Wednesday, 4 September)

Closed: [webauthn] webauthn should have the ability to cross platform (#1290)

• Emil Lundberg via GitHub (Monday, 2 September)

Request for joint meeting during TPAC

• Ken Ebert (Wednesday, 4 September)
• Anthony Nadalin (Wednesday, 4 September)
• =Drummond Reed (Wednesday, 4 September)
• Brent Zundel (Tuesday, 3 September)
• Janina Sajka (Tuesday, 3 September)
• Anthony Nadalin (Tuesday, 3 September)

TPAC Draft WebAuth Agenda

• Anthony Nadalin (Thursday, 5 September)
• Anthony Nadalin (Wednesday, 4 September)

TPAC Draft WebAuth Agenda -- remote participation details

• Wendy Seltzer (Wednesday, 11 September)

Web Authentication Working Group Charter Extended until 30 October 2019

• xueyuan (Monday, 2 September)

wrt: Add a WebDriver Virtual Authenticator extension #1256

• Jeff Hodges (Friday, 20 September)

Last message date: Wednesday, 25 September 2019 11:44:11 UTC