Weekly github digest (WebAuthn) from W3C Webmaster via GitHub API on 2023-08-22 (public-webauthn@w3.org from August 2023)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Tue, 22 Aug 2023 17:00:42 +0000
To: public-webauthn@w3.org
Message-Id: <E1qYUkE-00ABwU-CY@uranus.w3.org>
Issues
------
* w3c/webauthn (+2/-8/💬19)
  2 issues created:
  - make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services) (by r-jo)
    https://github.com/w3c/webauthn/issues/1942 [type:technical] 
  - The default value of `attestation` member in `PublicKeyCredentialRequestOptions` should be null (by Kieun)
    https://github.com/w3c/webauthn/issues/1941 [type:technical] 

  8 issues received 19 new comments:
  - #1942 make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services) (1 by arianvp)
    https://github.com/w3c/webauthn/issues/1942 [type:technical] 
  - #1929 Non-modal registration during conditional assertion (1 by pascoej)
    https://github.com/w3c/webauthn/issues/1929 [stat:Discuss] [subtype:FeatureProposal] [@Risk] 
  - #1928 Return public key in attestedCredentialData on authenticatorGetAssertion (1 by emlun)
    https://github.com/w3c/webauthn/issues/1928 [type:technical] 
  - #1922 Signaling when user credentials are shared between users to the `relying party` (2 by Firstyear, dwaite)
    https://github.com/w3c/webauthn/issues/1922 [stat:Discuss] [subtype:FeatureProposal] 
  - #1921 Adding some sentences to describe credential sharing between multiple users (5 by Kieun, emlun, sbweeden, timcappalli)
    https://github.com/w3c/webauthn/issues/1921 [type:editorial] 
  - #1915 username and display name should not be mandatory (rp, challange either) and OS UX should be simplified if not present (7 by emlun, r-jo, ryanshahine)
    https://github.com/w3c/webauthn/issues/1915 [stat:Discuss] [subtype:FeatureProposal] 
  - #1895 Proposal/discussion: non-extractable CryptoKey output from the prf extension (1 by MasterKale)
    https://github.com/w3c/webauthn/issues/1895 [stat:Discuss] [subtype:FeatureProposal] [@Risk] 
  - #1890 Add Changed Flag to UVM Entry (1 by nicksteele)
    https://github.com/w3c/webauthn/issues/1890 [type:technical] [@Risk] 

  8 issues closed:
  - Add Changed Flag to UVM Entry https://github.com/w3c/webauthn/issues/1890 [type:technical] [@Risk] 
  - username and display name should not be mandatory (rp, challange either) and OS UX should be simplified if not present https://github.com/w3c/webauthn/issues/1915 [stat:Discuss] [subtype:FeatureProposal] 
  - Return public key in attestedCredentialData on authenticatorGetAssertion https://github.com/w3c/webauthn/issues/1928 [type:technical] 
  - Signaling when user credentials are shared between users to the `relying party` https://github.com/w3c/webauthn/issues/1922 [stat:Discuss] [subtype:FeatureProposal] 
  - Revisit description of userHandle https://github.com/w3c/webauthn/issues/1909 [type:editorial] 
  - Require non-null userHandle when allowCredentials is empty? https://github.com/w3c/webauthn/issues/1892 [type:technical] [stat:pr-open] [@Risk] 
  - `attestation` and `attestationObject` is missing some of interfaces for assertions  https://github.com/w3c/webauthn/issues/1918 [type:technical] [stat:pr-open] 
  - Clarify how the given origin in the ClientDataJSON matches to the expected one https://github.com/w3c/webauthn/issues/1889 [type:editorial] [stat:pr-open] 



Pull requests
-------------
* w3c/webauthn (+0/-4/💬3)
  3 pull requests received 3 new comments:
  - #1914 Address description of uses, and requirements for supplying userHandle  (1 by sbweeden)
    https://github.com/w3c/webauthn/pull/1914 [type:technical] 
  - #1884 Add a `hints` element for both `create` and `get`. (1 by agl)
    https://github.com/w3c/webauthn/pull/1884 [@Risk] 
  - #1880 Add authenticatorDisplayName to credProps (1 by emlun)
    https://github.com/w3c/webauthn/pull/1880 [stat:Discuss] [subtype:extensions] [subtype:FeatureProposal] [@Risk] 

  4 pull requests merged:
  - Address description of uses, and requirements for supplying userHandle 
    https://github.com/w3c/webauthn/pull/1914 [type:technical] 
  - Add missing fields in dictionaries for JSON representation
    https://github.com/w3c/webauthn/pull/1920 [type:technical] 
  - Add security consideration section "Validating the origin of a credential"
    https://github.com/w3c/webauthn/pull/1930 [type:editorial] 
  - Update Authenticator Definition
    https://github.com/w3c/webauthn/pull/1931 [type:editorial] 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webauthn


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 22 August 2023 17:00:45 UTC