[webauthn] new commits pushed by equalsJeffH from =JeffH via GitHub on 2021-11-12 (public-webauthn@w3.org from November 2021)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Fri, 12 Nov 2021 19:40:47 +0000
To: public-webauthn@w3.org
Message-ID: <push-89cec457adcda891e0f144eda59ad9125c3c00cf-1636746039-sysbot+gh@w3.org>

The following commits were just pushed by equalsJeffH to https://github.com/w3c/webauthn:

* Explicitly state that RPs cannot in general choose attestation type/format
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/9787e8d779a78f22f60736cbd64d4237e30e35f2

* Involve client and "attestation conveyance" term in note on att.fmt choice
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f621bd2941caaebc7481a98e545404f2d546695c

* Simplify to that just the authenticator chooses attestation type and format
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/d24439d96f904e2ee391fa4a391366c943e5eede

* Define 1024 bytes to be the maximum credential ID length.

The value 1024 has been picked to be a nice round number that seems
larger than any reasonable credential ID should need to be.

(I think several of the step references were _previously_ incorrect and
have attempted to fix them here. Thus step number changes are not
expected to be simply updates reflecting the new step.)

Fixes #1617
  by Adam Langley
https://github.com/w3c/webauthn/commit/05c93f1d744b3cf9d9f3509fdce27902e3cac3d6

* Merge pull request #1660 from w3c/issue-1659-explicit-no-attstmt-choice

Explicitly state that RPs cannot in general choose attestation type/format
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/f6a3179d202941916f4a212c48091798fdc27864

* Make credential ID limit < 1024.

Rather than say credential IDs are ≤ 1024, say <. That way their length
fits in a 10-bit number, which is a little more natural.
  by Adam Langley
https://github.com/w3c/webauthn/commit/2c09e9f8830304788c4fd0dba7236862da7f64d0

* Apply Lucus's suggestion

Co-authored-by: Lucas Garron <code@garron.net>
  by Adam Langley
https://github.com/w3c/webauthn/commit/01b6bd9595f943f6b761c024a2397c9361288551

* Including emlun's suggestion

Co-authored-by: Emil Lundberg <emil@emlun.se>
  by Adam Langley
https://github.com/w3c/webauthn/commit/11d96094c21d6763a6fb196aa31b9e53b6863377

* Consistently say “≤ 1023”.
  by Adam Langley
https://github.com/w3c/webauthn/commit/7888d1004881245d8a31eb2097884b08090cf1a6

* Merge pull request #1664 from agl/credidlimit

Define 1023 bytes to be the maximum credential ID length.
  by Adam Langley
https://github.com/w3c/webauthn/commit/7613852005339852722a568a109c6119258437c7

* Add authenticator attachment used during authentication to assertion payload (#1668)
  by zakaria ridouh
https://github.com/w3c/webauthn/commit/522787467f67ef1dd4ed1234142a51c57f040b36

* Update FIDO-Registry link (#1675)
  by Emil Lundberg
https://github.com/w3c/webauthn/commit/a4b80ad68caaf7e283fc1cb10e6c405d8b034147

* Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension
  by JeffH
https://github.com/w3c/webauthn/commit/89cec457adcda891e0f144eda59ad9125c3c00cf



-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 12 November 2021 19:40:49 UTC