- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 07 Oct 2022 20:05:29 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by agl to https://github.com/w3c/webauthn: * device-bound Public Key pair extension This PR instantiates the `getDevicePublicKey` extension. RPs desiring to have a guaranteed device-bound public key returned on `create()` and `get()` need to simply include this extension on their `create()` and `get()` calls. On `create()`, a device-bound public key pair is created in addition to the [credential key pair](https://www.w3.org/TR/webauthn-2/#credential-key-pair), and the extension result conveys the devicePublicKey to the RP. On `get()`, a device-bound public key pair is created if one does not yet exist, and the resulting devicePublicKey is conveyed in the extension result to the RP. by JeffH https://github.com/w3c/webauthn/commit/6719e054e8d27e04286d3e975d69371a3b135225 * further hacking... by JeffH https://github.com/w3c/webauthn/commit/4a6b8fe837eb3b74b7cd481c2b360fcfd06c2497 * nearly complete tho likely needs to be re-worked to include attestation of dbPK by JeffH https://github.com/w3c/webauthn/commit/5d1662d6ca14f7bc01ed056ee7d245cc3fe7d72c * add 'device-bound key' by JeffH https://github.com/w3c/webauthn/commit/1622df27e3c595b6e69a40771fb1659b2ae9b665 * in-progress updates... by JeffH https://github.com/w3c/webauthn/commit/5e684aab30af5cdb106209b77b8e60e8fbaf5efe * further in-progress updates... by JeffH https://github.com/w3c/webauthn/commit/71afdbe64b067cc535cf791b3a17ee2ba499da15 * further in-progress updates... by JeffH https://github.com/w3c/webauthn/commit/8040d13725a0769517c71780b38de9a08ceeb113 * Merge branch 'main' into jeffh-fix-1546-second-key-extension by JeffH https://github.com/w3c/webauthn/commit/38131e6da3ebbe37d9b399c961324782c2da8f3c * devicePublicKey extension section functionally complete by JeffH https://github.com/w3c/webauthn/commit/ad71ff141aec2cd1db0b72eb00d1a3546fa21c4f * further edits... by JeffH https://github.com/w3c/webauthn/commit/094d38589d84a20939d3e15105435ec1a883d863 * cleanup trailing whitespace... by JeffH https://github.com/w3c/webauthn/commit/e66eb2d8ea502970ec6350e8df0415b134207be9 * Device-bound public key ProVerif model This adds a ProVerif model for the device-bound public key (device-bound key pair) extension. by JeffH https://github.com/w3c/webauthn/commit/618b2de767d72e15d623cd15939a0b463f5cfae2 * who-signs-what musings... by JeffH https://github.com/w3c/webauthn/commit/1e97952446f0768de27f5e16c00b03dc9ce697f9 * editorial polishing by JeffH https://github.com/w3c/webauthn/commit/8f0d66dc6ad2256d9f6736a7fd96d6f3f8105dfa * editorial polishing by JeffH https://github.com/w3c/webauthn/commit/43e03c8250598eb4b73372b650a4c19ee7ed19dd * major reorg & clarifications by JeffH https://github.com/w3c/webauthn/commit/503a0271378e3237b70cc42853150186fe042501 * further reorg & polish by JeffH https://github.com/w3c/webauthn/commit/87340d797855e780b3d1296e74529f284b57b5e0 * proverif model cleanup by JeffH https://github.com/w3c/webauthn/commit/cbb066f1faa4f278b04583e80780f70b3278ffcd * remove unused 'cert' by JeffH https://github.com/w3c/webauthn/commit/1e72a00a870cff78f50bf74b49cdf3ca6adb1af7 * revise/correct objects hierarchy by JeffH https://github.com/w3c/webauthn/commit/99a6b79f90fb92015dea310023c4afea8693ee85 * clarifications by JeffH https://github.com/w3c/webauthn/commit/e9db5235ba5bb78f7b7176f60326cb16c96e32f6 * clarifications by JeffH https://github.com/w3c/webauthn/commit/68ebaa257639a21bda4221a28b1e21c0e56b00cf * clarifications by JeffH https://github.com/w3c/webauthn/commit/8b5702c5d2ef597dd31a5612d65722e629702788 * switch model starting-point to webauthn-basic.pv by JeffH https://github.com/w3c/webauthn/commit/da82c2e6192f1bf484ddc01d8907523c5ce1049d * clarifications by JeffH https://github.com/w3c/webauthn/commit/f84069bc7d10dfff48179e811bd15832dfc23487 * clarifications to both DPK stuff and PV model by JeffH https://github.com/w3c/webauthn/commit/f6663cbabff780bc8c967304a47429368816a2b2 * revise model significantly revise model to have discrete message components and to leverage named_tuples.pvl and crypto.pvl. by JeffH https://github.com/w3c/webauthn/commit/22e325d51a07388d8da2d0ddbbfe33a8dd2872d6 * further clarifications and musings this is the stage of development I first shared with internal colleagues post the original hand-wavy prose writeup. by JeffH https://github.com/w3c/webauthn/commit/a3ed05bfa659f01e7c5bb3b913b00b62983c78b0 * editorial by JeffH https://github.com/w3c/webauthn/commit/6382444f375e8cbd1d502e0f0e8991c7318e588b * revised dpk syntax per agl review by JeffH https://github.com/w3c/webauthn/commit/768d90067f3bdee5b38e700264f617798c143f97 * further refined dpk syntax per feedback by JeffH https://github.com/w3c/webauthn/commit/fd9ea008dffdb5588cdc1a6bc3d032ccf47a7697 * select the more simple AttObjForDevicePublicKey by JeffH https://github.com/w3c/webauthn/commit/a34b48938ffd24e645017139aa7c37a3edb28367 * begin reworking devicePubKey extension by JeffH https://github.com/w3c/webauthn/commit/2832b5e5f36181e2b67b804a88ff04a8a03098f5 * editorial by JeffH https://github.com/w3c/webauthn/commit/e47c5f8ed448e0025d6388d9e098c1813f0bec4e * device-bound-key-pair.pv -> device-bound-key-pair.txt by JeffH https://github.com/w3c/webauthn/commit/75c8f251574709c98b8800809cae0fc564a5d7ad * add separate webauthn.pv file by JeffH https://github.com/w3c/webauthn/commit/4515d630af96ad939b7cffa0e72eef2887960f68 * editorial by JeffH https://github.com/w3c/webauthn/commit/c208e19e149dd98544521eead0beafe71c1e2756 * Merge branch 'main' into jeffh-fix-1546-second-key-extension by JeffH https://github.com/w3c/webauthn/commit/591cded71ff574ca776642fb0c1e1d6620463abd * Merge branch 'main' into jeffh-fix-1546-second-key-extension by JeffH https://github.com/w3c/webauthn/commit/59260f0b3842c81718dafd12273ae14862b40f4a * fix attSecretKey in pv model by JeffH https://github.com/w3c/webauthn/commit/c3487a217de7a7647226269924322fdda1eeb02a * add README.pv.md file by JeffH https://github.com/w3c/webauthn/commit/0e8d3b362c602e23cb4a2335a4aa21d0e0dca10a * editorial cleanups by JeffH https://github.com/w3c/webauthn/commit/6b216db9d7dcbbafc20ff20f02313093ef73b822 * processUser -> processClientAndAuthnr by JeffH https://github.com/w3c/webauthn/commit/25b07e6ea75c9a94f80965aa0544388d6ccdbf16 * define formal RegRequestMsg by JeffH https://github.com/w3c/webauthn/commit/2da450453c77a10d0c90cc55345951762668160b * editorial by JeffH https://github.com/w3c/webauthn/commit/f943bbcff7e3b5546a36cde6943bb7d39059ff14 * attPublicKey is public by JeffH https://github.com/w3c/webauthn/commit/e23ccfec1b2df64f89b37ad29a16be743b10eb6c * WIP: refine attestation object construction by JeffH https://github.com/w3c/webauthn/commit/7a1e2eeeb8fe57102c8cbc56c4cfdc324aef3315 * WIP: attObject parsing by JeffH https://github.com/w3c/webauthn/commit/8a420eb77695a8d950ba7cd4f01fe8723271ef8e * WIP: add Extensions. by JeffH https://github.com/w3c/webauthn/commit/d2b529b3a117c9f19c16bc6ffa7ffbe7208579b3 * editorial by JeffH https://github.com/w3c/webauthn/commit/666718a01d330bbd8622afc445436871117e3b02 * COMPLETED: refine attestation object construction by JeffH https://github.com/w3c/webauthn/commit/f9e861cd9e5316ec0e843028128ffe6e62e28c30 * refine events by JeffH https://github.com/w3c/webauthn/commit/e1a4383a396eafd99dadb66666cbff58b174aa88 * editorial by JeffH https://github.com/w3c/webauthn/commit/9182fa1cc9d53bb5f1b600d14bf2c833b6c63ec3 * editorial by JeffH https://github.com/w3c/webauthn/commit/89e26609eac2098b06d71be0a826160e40b37357 * more meaningful query wrt response msg. by JeffH https://github.com/w3c/webauthn/commit/54eb767405346c6c63ffabfd270bd9dd425a5061 * add: set traceDisplay long by JeffH https://github.com/w3c/webauthn/commit/f6fcee8aa8c67a6f14d0a5e6fe911acdf207d7fc * fix var rebindings, trim queries by JeffH https://github.com/w3c/webauthn/commit/1747dff04cdc3b44b1ba4879e98fefae8a35c79c * update README.pv.md by JeffH https://github.com/w3c/webauthn/commit/12ec079fdf7bbeeb990968ce4ee48c246341a059 * edit README.pv.md by JeffH https://github.com/w3c/webauthn/commit/59f29091e04aeb3742397d9dfafffa97cb9eb994 * rename server name, plus other clieanups by JeffH https://github.com/w3c/webauthn/commit/8b4d51ce2f72d1b50e25c5fbe8428bd717f66771 * edit README.pv.md by JeffH https://github.com/w3c/webauthn/commit/c5f3b2de40fc926c49a2e8844e35ba0f7e3c39e8 * remove pv files from this branch by JeffH https://github.com/w3c/webauthn/commit/4ebd028f0d05e0938f5d53a628a845fcbe811665 * Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension by JeffH https://github.com/w3c/webauthn/commit/4f187903c7c5edf3eb65178be91d21fdf5600a34 * update Device-bound public key extension by JeffH https://github.com/w3c/webauthn/commit/66e67bdc62673007ddae06ea9df582f100390f26 * work in progress by JeffH https://github.com/w3c/webauthn/commit/9ac274aaa5cf6f505e0c5cd861b24706c128626f * finish Notes -- nominally complete for Draft PR by JeffH https://github.com/w3c/webauthn/commit/fcc6a68857f6c9fa0f3f50b2a4dbf8ad99ae54d1 * Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension by JeffH https://github.com/w3c/webauthn/commit/73cc7ffde511c352e97b441eb3ca05bdb40073b2 * untraced device-bound-key-pair.txt by JeffH https://github.com/w3c/webauthn/commit/7c5393c8eba0da3f9f19f6a62805af86903027d2 * context is now scope Co-authored-by: Emil Lundberg <emil@yubico.com> by =JeffH https://github.com/w3c/webauthn/commit/3d16662af306e7169efea910ce75d7b6cd82b287 * do binary equality checks by JeffH https://github.com/w3c/webauthn/commit/aee534c36d84eae84681865f839924d601da3558 * Apply suggestions from emlun's code review, thanks! Co-authored-by: Emil Lundberg <emil@yubico.com> by =JeffH https://github.com/w3c/webauthn/commit/7c3e2e8d43518e0e9bb4c822f934713db6e2b2f3 * fixes inspired by emlun's review by JeffH https://github.com/w3c/webauthn/commit/90593b9cc35d3c5deb3072fdb4c5c80ab10b7ded * apply and merge emlun's review suggestions, thx! by JeffH https://github.com/w3c/webauthn/commit/d0bef3392ab9e8d57aff1b053c44c4c56f57ce1b * Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension by JeffH https://github.com/w3c/webauthn/commit/89cec457adcda891e0f144eda59ad9125c3c00cf * incorp pascoej's correction, thx! Co-authored-by: J Pascoe <2867699+pascoej@users.noreply.github.com> by =JeffH https://github.com/w3c/webauthn/commit/db63d69cc46af5c662c9f3811a1d37e6f1334dc8 * fix bug emlun caught (thx) & apply polish by JeffH https://github.com/w3c/webauthn/commit/9a786838e11adabed6f0c562645006ce01ee7854 * Apply emlun's suggestions, thx! Co-authored-by: Emil Lundberg <emil@yubico.com> by =JeffH https://github.com/w3c/webauthn/commit/d52342ceefed784c747cf9e262770b076b409d4d * polish emlun's suggestion to not be a Note by JeffH https://github.com/w3c/webauthn/commit/e23c4b997edc4f90cd948dd33c6c768689642e72 * polish Authenticator extension processing by JeffH https://github.com/w3c/webauthn/commit/b8ec5b80fd8686460e8a22410705bdc70b86fdd6 * authnr extension rather than client extension by JeffH https://github.com/w3c/webauthn/commit/0bb9aaac10cedaa68ea085d8774aa6b6c86e0989 * minor editorial fixes by JeffH https://github.com/w3c/webauthn/commit/32378966857e501f43356036abe697f514f70a24 * Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension by JeffH https://github.com/w3c/webauthn/commit/d652787631e3338876f456cf8ae1effcd7dd53f6 * revise intro and define most of verification procedure by JeffH https://github.com/w3c/webauthn/commit/55e64c94a385474952b3330b771d91ddc47929d9 * finish roughing-out verification procedures by JeffH https://github.com/w3c/webauthn/commit/41ffcbf8a44a1f0be4adc9f29a1c47a1b6f5a0c5 * remove extraneous Note on permissions policy that crept in somehow by JeffH https://github.com/w3c/webauthn/commit/f131d687993333f296c2fb11762f829584fb0ddb * incorp emlun's suggestion on hardware-bound device key pair definition by JeffH https://github.com/w3c/webauthn/commit/e1e6d94d26147e1a8e0caa82c06a2b29498447ae * add Notes to RP verification steps linking to DPK extension verification procedures by JeffH https://github.com/w3c/webauthn/commit/23ea3eff1b5939e6d90236563bc6ebc31724a427 * do not use 'synced' user cred term per TimC by JeffH https://github.com/w3c/webauthn/commit/683ad4d8fba9ea09b5ee27fa58fda3d6d32cf626 * update 'Relying Party Usage' section and note current issues by JeffH https://github.com/w3c/webauthn/commit/17f3aa2fb46ac36be5fbb185f02a98ea1952ec01 * clarification by JeffH https://github.com/w3c/webauthn/commit/b4e8d0ec9121de61dd94b861b7bfef448423354d * wordsmithing, thx emlun! by JeffH https://github.com/w3c/webauthn/commit/619ebb98d28c0243c2a6343ea8c6c4ea877c2cb4 * incop & massage Emlun's suggestion, thx! by JeffH https://github.com/w3c/webauthn/commit/2730294db2b62b46fa960070159052b983c2acfe * rough WIP to fix issue #1701 side-channel attack by JeffH https://github.com/w3c/webauthn/commit/f0fe8f25b198d3ebc9f1ac10ae13d1eabfca364d * further WIP re fixing #1701 authnr nonce, & noting #1711 by JeffH https://github.com/w3c/webauthn/commit/f1452343557651be7569627a75a41709768d281c * attempt at polishing various portions of devicePubKey by JeffH https://github.com/w3c/webauthn/commit/b8d8567a5bf26e287e0dc378cc6bee940bc9ebed * The DPK is stored on the authenticator. The text said that the DPK was stored on the client device, but the client device is the device that the browser is running on, not the authenticator. That _might_ be the same device, but it's unclear. Clarify that the DPKs come from the authenticator. by Adam Langley https://github.com/w3c/webauthn/commit/d92bad2a3f5925b4dd4d0cb39544393e7f3a491b * Provide attestation controls. Mirror the attestation controls for user credentials into the DPK extension. by Adam Langley https://github.com/w3c/webauthn/commit/6d45aba6a5088cac743f85c33fec48dec60bd010 * Pull out DPK attestation rules and add signature prefix. This change adds a section about calculating DPK attestations and references that each time rather than duplicating the rules. It also adds a prefix to the signed messages to ensure that DPK and user credential attestations clearly cannot be confused. by Adam Langley https://github.com/w3c/webauthn/commit/eb598ff6a4d08ce35262ee2de3537a8989809cf9 * Reflow CDDL to avoid a scroll bar. by Adam Langley https://github.com/w3c/webauthn/commit/b7289e1686669ae00f65653ef608c594a504513f * Have the DPK sign over everything. Signing over too little is a common problem in protocols and the DPK wasn't signing over very much. The problem is that the signature was within the extension itself and thus couldn't easily cover the authenticator data. This change puts the DPK signature next to the normal signature in an assertion, transforming that field into a CBOR array. That's fine for assertions, but registration doesn't have such a signature output. Thus this change drops exercising the DPK during registration: Firstly, this is in line with the user credential which doesn't sign during registration unless "self" attestation is used. (And "self" attestation can be use with the DPK if desired.) Secondly, adding an extra signature output for registration is awkward. Putting it in the user credential attestation statement is awkward and conflicts when user-agents replace attestation statements. Adding a new CTAP field is possible but seems excessive since, as noted, there has never been a signature by the user credential. by Adam Langley https://github.com/w3c/webauthn/commit/dcfb39270f989b30dce6772d03e58c4549902afd * Note that CTAP2 CBOR is required in DPK. by Adam Langley https://github.com/w3c/webauthn/commit/cbb6b5d050a0c7647521da9ae9c6858c878d0f17 * Resolve comment by jovasco by Adam Langley https://github.com/w3c/webauthn/commit/ccfd0b4dfe95245d4771c290ed71c225142fd98d * Merge branch 'main' into dpk by Adam Langley https://github.com/w3c/webauthn/commit/f3315b503b23aceb5b32a02aad7c37d072a87af6 * Link definitions from PR 1695. by Adam Langley https://github.com/w3c/webauthn/commit/27ef223f89d941e266cb125a37626702edfd6999 * Make the DPK signature a different output field. by Adam Langley https://github.com/w3c/webauthn/commit/bfce0cf27dd9dee6b7ec83a5a3d5f119ffe445fd * Update attestation and add it for assertions by Adam Langley https://github.com/w3c/webauthn/commit/20dd35c00a4caf07b1514c5495afaaf1482e04ae * Introduce unsigned extension outputs and use it to return the dpk signature. by Arnar Birgisson https://github.com/w3c/webauthn/commit/27d0895f6fa054bd9c5d253a56db1fe6087c30fc * Fix build error by Arnar Birgisson https://github.com/w3c/webauthn/commit/e30cdb1212fc6d365e67e5b7a3de27d8a1f29ed2 * Review fixes and another indentation fix by Arnar Birgisson https://github.com/w3c/webauthn/commit/38fb4e1d81118868a87fed92ef233666c023da8b * Fix misplaced Note annotation by Arnar Birgisson https://github.com/w3c/webauthn/commit/0c7fad0231f7e30ac77bc5c49c335251d27d8373 * Merge pull request #1754 from arnar/jeffh-fix-1658-device-bound-key-extension Introduce unsigned extension outputs in DPK PR by Adam Langley https://github.com/w3c/webauthn/commit/844cff7ef1f55acb1708c890afe8449b0ba50d2e * Update attestation and add it for assertions by Adam Langley https://github.com/w3c/webauthn/commit/6fbfccf747a2af0e6893fa9abe7435310f2f2938 * Various fixes and updates in light of comments by Adam Langley https://github.com/w3c/webauthn/commit/4e67faaa43c5e72eff518f8771df8245acc2aae0 * Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension by Emil Lundberg https://github.com/w3c/webauthn/commit/832c2e880c6040034d8594223614ccdc2c4ff7e1 * Merge pull request #1787 from w3c/merge-main-into-1658 Fix merge conflicts in PR #1658 by Adam Langley https://github.com/w3c/webauthn/commit/6940a43a63833e21cc93e25caf39948565fb6aba * Apply more of emlun's suggestions from code review (GitHub is struggling with the number of them, thus I'm trying to do just the first half.) Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/7b531a866ab11715eee72667f7242c28acd08868 * Apply one of emlun's suggestions (This one seems to break GitHub's UI.) Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/04ddb485b6b9c4942a7b70d7f2076b801979924e * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/3cba94cf9532f9b28f1221dceb472d82494c9021 * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/47017e4b81fe3084f2428c1f1f44b12f1f3dd33d * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/16a846a3e1f696a42876aeaf6c6a9edee012a9ea * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/2ec8861a9d176992f3262989ea88222ee75d8a95 * Apply suggestions from code review Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/5c1cd985d599d95fafd708294ca93358c0896f44 * Apply suggestions from code review Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/5c6c23daacd8e894f7c1c06ef8ee97d762938b37 * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/a026a5bebd56ccb8196c2688b57df16a1c4a66c4 * Have the authenticator output a bytestring, not a map. The platform generally echos the authenticator extension outputs in its own extension output and DPK does the same. In order to avoid either replicating the DPK output structure into IDL, or having the platforms re-encode it, have the authenticators produce a byte string containing the encoded map. The platform can then copy the byte string verbatim. by Adam Langley https://github.com/w3c/webauthn/commit/ec03d4da8d88cd797a3c003c0212cc1beb438f4e * Fix devicePubKey sub-heading levels by Emil Lundberg https://github.com/w3c/webauthn/commit/88be1a6dd6701059482c7bbbb1961ea08f84863d * Hopefully fix up my misinterpretation of emlun's comment. by Adam Langley https://github.com/w3c/webauthn/commit/3430c953e47ab35085e80ac0086623f443de2f8e * RPs shouldn't check DPK attestation for equality. Otherwise they'll consider fresh attestations to be different devices. The attestation for existing DPKs is already checked in the “exactly one match” case. by Adam Langley https://github.com/w3c/webauthn/commit/5af393d40ff4275a343cb7b7cec19ac6876045be * Remove incorrect note about nonces. Just because the attestation is changing doesn't mean that the authenticator is using a nonce. It could just be signing the same message repeatedly. by Adam Langley https://github.com/w3c/webauthn/commit/fe333fe13b5a6b16a8012a49b680adf4a30e056a * Include enterpriseAttestationPossible when calling authenticatorGetAssertion by Adam Langley https://github.com/w3c/webauthn/commit/ece61f0870936697d3b78427191e73598c147a3d * Apply one of emlun's suggestions Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/4279e6ec00949bd0ec8c6d8f760c7a7605a704bd * Mention where authData and hash are used. by Adam Langley https://github.com/w3c/webauthn/commit/d25fd531c2f5ffcc6ec9af8857b2007f74d1b34a * Apply emlun's suggestions from code review Co-authored-by: Emil Lundberg <emil@yubico.com> by Adam Langley https://github.com/w3c/webauthn/commit/8966fe69bda5ccee862ae9519cf1649b0356468a * Address emlun's comments. by Adam Langley https://github.com/w3c/webauthn/commit/d671894d3c68492b41d50787938da8c03aec6b5e * Add a note to explain how the RP's challenge is included in dpkSig. by Adam Langley https://github.com/w3c/webauthn/commit/ca1b0c69c2a2e930b25e1d2d7ef2849aef8b9a3a * Remove a horizontal scrollbar on the DPK CDDL. by Adam Langley https://github.com/w3c/webauthn/commit/6112877aa5f97c1555f8207ab597a6b67dcb6432 * Remove now superfluous variable in DPK processing. by Adam Langley https://github.com/w3c/webauthn/commit/ed0b7797d317fca01c46ee80789df0d83c54d0c7 * Apply Shane's suggestions Co-authored-by: Shane Weeden <sbweeden@users.noreply.github.com> by Adam Langley https://github.com/w3c/webauthn/commit/9bd0e3d55e5f3990a9635320abd06f879f54299b * DPK is only valid for backup eligible credentials. (This was discussed at TPAC. by Adam Langley https://github.com/w3c/webauthn/commit/759ce04e597537ca8a49c6b0a8bef71db7dc13d9 * Address Shane's comments. by Adam Langley https://github.com/w3c/webauthn/commit/8aa160ceaf8b411b1747889fffc40a0cdb6ef213 * s/then/than, noticed by Shane. by Adam Langley https://github.com/w3c/webauthn/commit/bff403d8cb36d97fdf19021ea5e979e407d59cb9 * Add missing blank line. Thanks Emil. by Adam Langley https://github.com/w3c/webauthn/commit/fba2725dd9c3e6c8b40e91eefd17a488af2f498e * Resolve last comment. This resolves https://github.com/w3c/webauthn/pull/1663/files#r790893167 but including the suggested wording. (Tweaked to make bikeshed happy.) by Adam Langley https://github.com/w3c/webauthn/commit/f7808700683c57196eb77f8342ac8413c7091259 * Merge branch 'main' into dpk by Adam Langley https://github.com/w3c/webauthn/commit/6ae32a0bc0722f1f1e32a9eb89e57f6f09996586 * Merge pull request #1663 from w3c/jeffh-fix-1658-device-bound-key-extension device public key extension by Adam Langley https://github.com/w3c/webauthn/commit/dd7dba6d35dae2bdd87f0303f9b0ad4d54c0116b -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 7 October 2022 20:05:31 UTC