[webauthn] new commits pushed by equalsJeffH

The following commits were just pushed by equalsJeffH to https://github.com/w3c/webauthn:

* Add more requirements for ClientDataJSON serialisation. (#1375)

* Add more requirements for ClientDataJSON serialisation.

ClientDataJSON is currently defined to be the JSON encoding of the
CollectedClientData. This implies that validators require a full JSON
parsing library to check needed entries in the ClientDataJSON such as
the challenge, type, and origin.

This is a problematic dependency in some cases. This change seeks to
address that by being stricter about the encoding, while still
generating JSON. Thus existing validators do not need to change but
those willing to require recent WebAuthn-implementing browsers can avoid
the full generality of JSON.

* Address various comments.

* Apply suggestions from code review

Apply Jeff's suggestions

Co-Authored-By: =JeffH <jdhodges@google.com>

* incorp jcjones' feedback, thx!

Co-authored-by: =JeffH <jdhodges@google.com>
  by Adam Langley

Received on Wednesday, 29 April 2020 19:12:01 UTC