- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Fri, 25 Aug 2023 13:51:32 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by agl to https://github.com/w3c/webauthn:
* Merge pull request #1 from w3c/master
Up to date
by Ki-Eun Shin
https://github.com/w3c/webauthn/commit/bda342301902bed232cc51e60a30c4b732e9e7d9
* Improve UV guidance using new Credential Record concept
by Emil Lundberg
https://github.com/w3c/webauthn/commit/3daf3be467fd0f58555194d3ce0c4faf2db6380e
* Add note that UV is not MFA the first time UV=1 is seen
by Emil Lundberg
https://github.com/w3c/webauthn/commit/13b5fcc2e0e9132f83c84fda3e061193a33919d4
* Merge branch 'main' into issue-1510-uv-guidance
by Emil Lundberg
https://github.com/w3c/webauthn/commit/ccc5e2bbb1909a2657f14883eb2b71274f8c20d5
* Clarify to ignore UV flag if not required
by Emil Lundberg
https://github.com/w3c/webauthn/commit/af07d1598c70431d36ee1ad53e042582b72f7379
* Formalize definition of uvInitialized in credential record
by Emil Lundberg
https://github.com/w3c/webauthn/commit/7e541a0c9cedea58006f18a414c778d3c1e4f026
* Don't "promote" UV preferred to required, and make uvInitialized update more defensive
by Emil Lundberg
https://github.com/w3c/webauthn/commit/75e67c48bd5f7ea6f6b9acce9e6aa613b2a123ce
* Merge pull request #1774 from w3c/issue-1510-uv-guidance
Improve guidance around using UV
by Emil Lundberg
https://github.com/w3c/webauthn/commit/748eea045a18a2ecad384df20c84f5c7ac33303a
* Mark all JSON fields as required.
These fields should always be present (although some can be null) but
the default for a dictionary field is `optional`. Thus mark them all as
required.
by Adam Langley
https://github.com/w3c/webauthn/commit/da7f7d442ec464c79dc78528d29c0051f39f2e7b
* Fields are optional, not nullable, now.
by Adam Langley
https://github.com/w3c/webauthn/commit/dbd8df4cde6e8b27c2e801940cda4354ff680510
* Include the "Easily accessing credential data" fields in JSON.
The WebAuthn API provides accessors to get the SPKI-formatted public key
and authenticator data without needing to parse CBOR or handle COSE.
However, the JSON structures, prior to this change, didn't include these
values giving users an unfortunate choice: either use the accessors and
do the JSON encoding yourself, or use the provided `toJSON` function.
But we can have both!
by Adam Langley
https://github.com/w3c/webauthn/commit/3161ff93b0e85edaa1939d79e1dc012d827d435c
* Update in light of Matt's comments.
by Adam Langley
https://github.com/w3c/webauthn/commit/6ea51efeb5519b00daf4276f55fbb712152a1d12
* add client processing for topOrigin
by Tim Cappalli
https://github.com/w3c/webauthn/commit/aca33d58b4cb7cbaff0454e3cd6b1ca8883f287f
* Use spaces, not tabs, to match up
by Adam Langley
https://github.com/w3c/webauthn/commit/0a7a05d3e9648c2f59184a80fd0b32aac78ecfa6
* Update index.bs
Co-authored-by: Emil Lundberg <emil@yubico.com>
by Adam Langley
https://github.com/w3c/webauthn/commit/5d62f33a9bf61c5e4fff6006a7cc36871fbd91cf
* Merge pull request #1878 from w3c/json
Mark all JSON fields as required.
by Adam Langley
https://github.com/w3c/webauthn/commit/ae71f1008443b7945b1b5d8378880adf55d8b811
* Adjust timeout for create and get operations (#1885)
* Adjust Timeout
* Change timeout recommendation to Bulleted List
by Akshay Kumar
https://github.com/w3c/webauthn/commit/ad61c6faa12e522f128d7e649bcca616110118be
* Mike is independent
by Michael Jones
https://github.com/w3c/webauthn/commit/e688b99e1788dd58fbf434cb3239f722fdac0a0c
* Update Nick contact
by Nick Steele
https://github.com/w3c/webauthn/commit/61f08927c7dd0697981f46bd4028d8eb5a92a8da
* alias passkey to discoverable credential dfn
by Tim Cappalli
https://github.com/w3c/webauthn/commit/9ef5b7099358319642e45add0c6542d7a5f96654
* define platform passkey authenticator
by Tim Cappalli
https://github.com/w3c/webauthn/commit/e7451132550e6734255837f56f2f863a303547fd
* flip passkey and platform to match UVPAA
by Tim Cappalli
https://github.com/w3c/webauthn/commit/f2c13cb4cc7360450b289c2addf0194c142a279d
* Add isPasskeyPlatformAuthenticatorAvailable method
by Tim Cappalli
https://github.com/w3c/webauthn/commit/747d8aef82a4ac757d0b0008e8c7e0c637cce36a
* fix hybrid references
by Tim Cappalli
https://github.com/w3c/webauthn/commit/c7f44215be3e879aee1ce92ddb46d2522c48222d
* s/are/is
Co-authored-by: Emil Lundberg <emil@yubico.com>
by Tim Cappalli
https://github.com/w3c/webauthn/commit/0ad2938ce67afb1fa68ecb0a82d51ee6a8652476
* Merge pull request #1894 from w3c/ns1pw
Update Nick Contact info
by Nick Steele
https://github.com/w3c/webauthn/commit/50c8b9233965571d32da6a06febd3d75ecd366ef
* Merge pull request #1893 from selfissued/mbj-independent
Mike is independent
by Nick Steele
https://github.com/w3c/webauthn/commit/6dfbdbaad8425140030afacb7de27eb13e7872ce
* Merge pull request #1887 from w3c/jsoneasy
Include the "Easily accessing credential data" fields in JSON.
by Matthew Miller
https://github.com/w3c/webauthn/commit/e0aedf348987147cebe10b1c1c38ef2cdbac88b6
* Add missing instructions for populating new JSON fields
by Emil Lundberg
https://github.com/w3c/webauthn/commit/fe4d21f6cf374c2a6d726d1e0644c10acbf3e06d
* Assert that be:0+bs:1 is bad during create()
by Matthew Miller
https://github.com/w3c/webauthn/commit/615e8e6f71989075ebc79b6ed4ba3f8d8e10d3f1
* Assert be:1->be:0 or be:0+bs:1 are bad from get()
by Matthew Miller
https://github.com/w3c/webauthn/commit/72ef9bb536790529e304ad64370820ffa6c6e703
* Require `be` not to change after .get()
by Matthew Miller
https://github.com/w3c/webauthn/commit/d8b42fe6f9dd5a9f0bc78ca5c21ccf9181241a17
* Disambiguate [=Window=] links as {{Window}}
by Emil Lundberg
https://github.com/w3c/webauthn/commit/7b1099fda3c8e019ae53994b8da28877bc50c8e2
* update additional combos per @emlun feedback
by Tim Cappalli
https://github.com/w3c/webauthn/commit/88139876d0418563ac8492f1eada3fc9eed4c9af
* Make consistent the check for be:0,bs:1 during reg
by Matthew Miller
https://github.com/w3c/webauthn/commit/8a04cf78bf75df098d93b0c06a888f81de861506
* Enforce rejection of be:0,bs:1 during auth
by Matthew Miller
https://github.com/w3c/webauthn/commit/3e0395f5d5cdb6cac5b814ef9492be2f803f8897
* Merge pull request #1906 from w3c/json
Merge #1887 into main
by Matthew Miller
https://github.com/w3c/webauthn/commit/de9ca6bead8d94f3b051fa42e8068f9aa8032656
* Merge pull request #1891 from w3c/tc-toporigin-sect5
add client processing for topOrigin
by Tim Cappalli
https://github.com/w3c/webauthn/commit/e165bc1131e8a111fb3a15d0439ae21ac31290dc
* Explicitly require userHandle to be supplied during assertion ceremonies with empty allowCredentials list and enhance description and uses of userHandle
by Shane Weeden
https://github.com/w3c/webauthn/commit/0553e3176de123fec7fb66b17c56867d97faf5cb
* Accept suggested from @emlun
Co-authored-by: Emil Lundberg <emil@emlun.se>
by Shane Weeden
https://github.com/w3c/webauthn/commit/ce3e33e959a3b349222cd6a8645d68eb0b20282b
* Accept suggested from @emlun
remove whitespace
Co-authored-by: Emil Lundberg <emil@emlun.se>
by Shane Weeden
https://github.com/w3c/webauthn/commit/39c1354f618cc40a9f8eb0845083b16fa28fee25
* Acc
remove whitespace
Co-authored-by: Emil Lundberg <emil@emlun.se>
by Shane Weeden
https://github.com/w3c/webauthn/commit/836dfb54fe443fab038a81cf9a54913fc4c3de77
* Accept suggested from @emlun
Remove whitespace
Co-authored-by: Emil Lundberg <emil@emlun.se>
by Shane Weeden
https://github.com/w3c/webauthn/commit/a165fabf8955c3d14e086f9329e4c475763a5acf
* Merge branch 'w3c:main' into master
by Ki-Eun Shin
https://github.com/w3c/webauthn/commit/0252205b95ab130af3a235bdf37499eeda3f49bc
* Remove redundant step
by Matthew Miller
https://github.com/w3c/webauthn/commit/4514f5fcefa2c8d8e23fbd8e8b1cbc3990ce959d
* Merge pull request #1901 from w3c/tc-featdetc-ispaa
Add new isPasskeyPlatformAuthenticatorAvailable() method
by Tim Cappalli
https://github.com/w3c/webauthn/commit/5bd3dd1ccffcbdc50873d551fbd1606e4023340d
* Add missing fields in dictionaries for JSON representation
by Kieun
https://github.com/w3c/webauthn/commit/0f99bad4940e0d054351f7a87f8a8b5d3ff04b68
* Add security consideration section "Validating the origin of a credential"
by Emil Lundberg
https://github.com/w3c/webauthn/commit/91357673ef2c41cefb12241dc105babb034df28f
* Update Authenticator definition
by Nick Steele
https://github.com/w3c/webauthn/commit/1047330cfa49398966ee91e437a74b4492d96270
* Explain why RP origin validation helps even with scoping rules
by Emil Lundberg
https://github.com/w3c/webauthn/commit/5ecbf2876fa7f327338d71e05e3ff115334ec327
* update with feedback
by Nick Steele
https://github.com/w3c/webauthn/commit/aff97c2f20ee244e436a1de7df2aea90226b0a3f
* Merge pull request #1907 from w3c/1791-enforce-be-bs-flag-states
Define RP processing of be and bs flags during `.create()` and `.get()`
by Matthew Miller
https://github.com/w3c/webauthn/commit/6b68667f163e36d8546b37832b77b8945f97a4b2
* Merge pull request #1911 from w3c/issue-1910-disambiguate-window-link
Disambiguate [=Window=] links as {{Window}}
by Emil Lundberg
https://github.com/w3c/webauthn/commit/409421b7be1435ebeca72b7d5147b74655a8deb2
* Merge pull request #1931 from w3c/nsteele-authntctr-def-1743
Update Authenticator Definition
by Nick Steele
https://github.com/w3c/webauthn/commit/84ef4ac95962af8e6f7e1ef2220d08e9f9dc5db7
* Merge pull request #1930 from w3c/issue-1889-clarify-origin-matching
Add security consideration section "Validating the origin of a credential"
by Emil Lundberg
https://github.com/w3c/webauthn/commit/0a59b6233cf242497de50f14ef349eae40869f2b
* Merge pull request #1920 from Kieun/kieun-1918
Add missing fields in dictionaries for JSON representation
by Adam Langley
https://github.com/w3c/webauthn/commit/98214b0f0b3abf056fd4880558e7b9f17773661a
* Merge pull request #1914 from sbweeden/sbweeden_1892_and_1909
Address description of uses, and requirements for supplying userHandle
by Nick Steele
https://github.com/w3c/webauthn/commit/bd68fbf48628349b1c63f6410337045228d79a65
* Merge branch 'main' into hints
by Adam Langley
https://github.com/w3c/webauthn/commit/424e917fdb2175cb6501a19324061633c7084afe
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 25 August 2023 13:51:35 UTC