[webauthn] new commits pushed by equalsJeffH from =JeffH via GitHub on 2020-04-29 (public-webauthn@w3.org from April 2020)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 29 Apr 2020 19:12:00 +0000
To: public-webauthn@w3.org
Message-ID: <push-d5306690bf8000c98421319a21416b22d735ad8a-1588187518-sysbot+gh@w3.org>

The following commits were just pushed by equalsJeffH to https://github.com/w3c/webauthn:

* Add more requirements for ClientDataJSON serialisation. (#1375)

* Add more requirements for ClientDataJSON serialisation.

ClientDataJSON is currently defined to be the JSON encoding of the
CollectedClientData. This implies that validators require a full JSON
parsing library to check needed entries in the ClientDataJSON such as
the challenge, type, and origin.

This is a problematic dependency in some cases. This change seeks to
address that by being stricter about the encoding, while still
generating JSON. Thus existing validators do not need to change but
those willing to require recent WebAuthn-implementing browsers can avoid
the full generality of JSON.

* Address various comments.

* Apply suggestions from code review

Apply Jeff's suggestions

Co-Authored-By: =JeffH <jdhodges@google.com>

* incorp jcjones' feedback, thx!

Co-authored-by: =JeffH <jdhodges@google.com>
  by Adam Langley
https://github.com/w3c/webauthn/commit/d5306690bf8000c98421319a21416b22d735ad8a

Received on Wednesday, 29 April 2020 19:12:01 UTC