public-webauthn@w3.org from November 2023 by subject

11/01/2023 W3C Web Authentication Meeting - Corrected start time

• nadalin@prodigy.net (Wednesday, 1 November)

11/15/2023 W3C Web Authentication Meeting

• nadalin@prodigy.net (Wednesday, 29 November)
• nadalin@prodigy.net (Wednesday, 15 November)

11/22/2023 W3C Web Authentication Meeting -CANCELLED

• nadalin@prodigy.net (Wednesday, 22 November)

11/29/2023 W3C Web Authentication Meeting

• nadalin@prodigy.net (Wednesday, 29 November)

[w3c/webauthn]

• Emil Lundberg (Thursday, 30 November)
• Emil Lundberg (Thursday, 30 November)
• Emil Lundberg (Thursday, 16 November)
• Adam Langley (Wednesday, 15 November)
• Matthew Miller (Wednesday, 15 November)
• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] 04dd9e: Remove `devicePubKey` extension.

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] 139405: Explicitly mention that these are examples

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] 15dad7: Drop assertion-time attestation.

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] 1d2d52: Align credProps output reference with other extens...

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] 228a1f: Enable linking to non-autofill credential type

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] 462113: Apply emlun's changes from code review

• Emil Lundberg (Wednesday, 15 November)
• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] 462773: Merge pull request #1988 from w3c/add-credprops-to...

• Nick Steele (Wednesday, 29 November)

[w3c/webauthn] 4b49ca: Tweaks for bikeshed

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] 4e244a: Merge pull request #2000 from sbweeden/sweeden_1998

• Shane Weeden (Wednesday, 29 November)

[w3c/webauthn] 5c7ca4: Incorporate PR feedback

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] 72b78b: Address more of emlun's comments.

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] 76e88e: Initial effort to allow credProps use during auth

• Nick Steele (Wednesday, 29 November)

[w3c/webauthn] 9cf163: Update other instances of the SPK attestation prefix.

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] a1b203: Merge pull request #1986 from w3c/bikeshed-tweaks-2

• Matthew Miller (Wednesday, 15 November)

[w3c/webauthn] a24602: Merge branch 'main' into spk

• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] a6ee5a: Fix incorrect reference in Add Virtual Authenticator

• Emil Lundberg (Wednesday, 22 November)

[w3c/webauthn] ba70ca: Merge branch 'main' into spk

• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] c2ec71: Fix references to credential private key that shou...

• Emil Lundberg (Tuesday, 28 November)

[w3c/webauthn] c36951: Merge pull request #1992 from w3c/mm/conditional-u...

• Nick Steele (Wednesday, 29 November)

[w3c/webauthn] c5c873: Merge pull request #1957 from w3c/spk

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] cc1a9b: Extract recommended timeout ranges and defaults to...

• Adam Langley (Wednesday, 15 November)
• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] cf3ca3: authHash -> authData typo fix.

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] d13f46: Clarify validation step for packed attestation cer...

• Shane Weeden (Wednesday, 29 November)

[w3c/webauthn] d21314: Merge pull request #1855 from w3c/issue-1848-chall...

• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] d39e8b: Say "PubKeys" not "PublicKeys"

• Adam Langley (Wednesday, 15 November)

[w3c/webauthn] d87c22: Merge remote-tracking branch 'origin/main' into spk

• Emil Lundberg (Wednesday, 15 November)

[w3c/webauthn] ea6e59: Add note about typical autocomplete combos

• Nick Steele (Wednesday, 29 November)
• Matthew Miller (Wednesday, 1 November)

[w3c/webauthn] f12069: Try to generate valid HTML

• Matthew Miller (Wednesday, 1 November)

[webauthn] Add backup flags to virtual authenticator (#1999)

• Nina Satragno via GitHub (Monday, 27 November)

[webauthn] Add importCryptoKey input to PRF extension (#1945)

• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] Add new getClientCapabilities method (#1923)

• Emil Lundberg via GitHub (Monday, 27 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 15 November)
• John Schanck via GitHub (Wednesday, 1 November)

[webauthn] Add note about typical autocomplete combos for conditional UI (#1992)

• Emil Lundberg via GitHub (Thursday, 16 November)
• Matthew Miller via GitHub (Thursday, 16 November)
• Nina Satragno via GitHub (Thursday, 16 November)
• Emil Lundberg via GitHub (Thursday, 16 November)
• Nina Satragno via GitHub (Wednesday, 1 November)
• Arian van Putten via GitHub (Wednesday, 1 November)
• Matthew Miller via GitHub (Wednesday, 1 November)

[webauthn] Allow use of credProps extension during auth (#1988)

• Matthew Miller via GitHub (Wednesday, 15 November)

[webauthn] Clarify how to differentiate between exceptions (#1859)

• Lucas Garron via GitHub (Friday, 3 November)
• Matthew Miller via GitHub (Friday, 3 November)
• Emil Lundberg via GitHub (Wednesday, 1 November)
• Matthew Miller via GitHub (Wednesday, 1 November)

[webauthn] Closed Pull Request: Add importCryptoKey input to PRF extension

• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] Closed Pull Request: Resolve conflicts between spk (#1957) and PR #1970

• Emil Lundberg via GitHub (Thursday, 16 November)

[webauthn] Code Injection vulnerability from client side (#1965)

• Nick Steele via GitHub (Wednesday, 29 November)

[webauthn] Consider allowing cross-domain credential use (#1372)

• Tim Cappalli via GitHub (Thursday, 30 November)
• alfonso-paella via GitHub (Thursday, 30 November)
• Tim Cappalli via GitHub (Friday, 3 November)
• Jaimin Bhatt via GitHub (Friday, 3 November)

[webauthn] create() and get() return an algorithm, not a credential (#1984)

• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] Drop assertion-time attestation. (#1997)

• Arian van Putten via GitHub (Thursday, 16 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Rolf Lindemann via GitHub (Wednesday, 15 November)

[webauthn] How is an RP to know if a packed attestation root certificate is used for more multiple authenticator models? (#1998)

• Shane Weeden via GitHub (Thursday, 16 November)

[webauthn] How is an RP to know if a packed attestation root certificate is used for multiple authenticator models? (#1998)

• Shane Weeden via GitHub (Wednesday, 22 November)
• Emil Lundberg via GitHub (Thursday, 16 November)

[webauthn] How to know if a user has already registered a device? (#1749)

• Juan C. Andreu via GitHub (Thursday, 30 November)
• Arnaud Dagnelies via GitHub (Thursday, 30 November)
• Joel Biddle via GitHub (Thursday, 30 November)
• Mitar via GitHub (Wednesday, 29 November)
• Joel Biddle via GitHub (Wednesday, 29 November)
• Arnaud Dagnelies via GitHub (Sunday, 26 November)
• Mitar via GitHub (Saturday, 25 November)
• Adam Langley via GitHub (Saturday, 25 November)
• Arnaud Dagnelies via GitHub (Saturday, 25 November)
• Firstyear via GitHub (Friday, 24 November)
• Mitar via GitHub (Friday, 24 November)
• Firstyear via GitHub (Friday, 24 November)
• Mitar via GitHub (Friday, 24 November)
• Adam Langley via GitHub (Friday, 24 November)
• Mitar via GitHub (Thursday, 23 November)
• Firstyear via GitHub (Thursday, 23 November)
• Mitar via GitHub (Thursday, 23 November)

[webauthn] Inconsistent Passkey Authentication in Google Chrome (#1993)

• Tim Cappalli via GitHub (Monday, 6 November)
• Firstyear via GitHub (Sunday, 5 November)
• Matthew Miller via GitHub (Sunday, 5 November)
• Firstyear via GitHub (Sunday, 5 November)
• Adam Langley via GitHub (Saturday, 4 November)
• CyberCitizen via GitHub (Saturday, 4 November)

[webauthn] make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services) (#1942)

• Mitar via GitHub (Sunday, 26 November)
• Emil Lundberg via GitHub (Friday, 24 November)
• Mitar via GitHub (Friday, 24 November)
• Firstyear via GitHub (Friday, 24 November)
• Mitar via GitHub (Friday, 24 November)

[webauthn] Merged Pull Request: Add credProps client processing step to set authenticatorDisplayName

• Matthew Miller via GitHub (Wednesday, 15 November)

[webauthn] Merged Pull Request: Add note about typical autocomplete combos for conditional UI

• Nick Steele via GitHub (Wednesday, 29 November)

[webauthn] Merged Pull Request: Allow use of credProps extension during auth

• Nick Steele via GitHub (Wednesday, 29 November)

[webauthn] Merged Pull Request: Clarify validation step for packed attestation certificate for RPs.

• Shane Weeden via GitHub (Wednesday, 29 November)

[webauthn] Merged Pull Request: devicePubKey → supplementalPubKeys

• Adam Langley via GitHub (Wednesday, 15 November)

[webauthn] Merged Pull Request: Recommend duration of challenge validity

• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] Merged Pull Request: Tweaks for bikeshed

• Matthew Miller via GitHub (Wednesday, 15 November)

[webauthn] new commits pushed by agl

• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)
• Adam Langley via GitHub (Wednesday, 15 November)

[webauthn] new commits pushed by emlun

• Emil Lundberg via GitHub (Tuesday, 28 November)
• Emil Lundberg via GitHub (Wednesday, 22 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)
• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] new commits pushed by github-actions[bot]

• github-actions[bot] via GitHub (Wednesday, 29 November)
• github-actions[bot] via GitHub (Wednesday, 29 November)
• github-actions[bot] via GitHub (Wednesday, 29 November)
• github-actions[bot] via GitHub (Wednesday, 15 November)
• github-actions[bot] via GitHub (Wednesday, 15 November)
• github-actions[bot] via GitHub (Wednesday, 15 November)

[webauthn] new commits pushed by MasterKale

• Matthew Miller via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 15 November)
• Matthew Miller via GitHub (Wednesday, 1 November)
• Matthew Miller via GitHub (Wednesday, 1 November)

[webauthn] new commits pushed by nicksteele

• Nick Steele via GitHub (Wednesday, 29 November)
• Nick Steele via GitHub (Wednesday, 29 November)

[webauthn] new commits pushed by sbweeden

• Shane Weeden via GitHub (Wednesday, 29 November)

[webauthn] Pull Request: Add backup flags to virtual authenticator

• Nina Satragno via GitHub (Monday, 20 November)

[webauthn] Pull Request: Add credProps client processing step to set authenticatorDisplayName

• Emil Lundberg via GitHub (Friday, 10 November)

[webauthn] Pull Request: Add note about typical autocomplete combos

• Matthew Miller via GitHub (Wednesday, 1 November)

[webauthn] Pull Request: Clarify validation step for packed attestation certificate for RPs.

• Shane Weeden via GitHub (Wednesday, 22 November)

[webauthn] Pull Request: Drop assertion-time attestation.

• Adam Langley via GitHub (Wednesday, 15 November)

[webauthn] Pull Request: Fix incorrect (?) reference in Add Virtual Authenticator

• Emil Lundberg via GitHub (Wednesday, 22 November)

[webauthn] Pull Request: Fix references to credential private key that should be credential source

• Emil Lundberg via GitHub (Tuesday, 28 November)

[webauthn] Pull Request: Reference CTAP 2.1 errata spec

• Michael B. Jones via GitHub (Thursday, 30 November)

[webauthn] Pull Request: Resolve conflicts between spk (#1957) and PR #1970

• Emil Lundberg via GitHub (Wednesday, 15 November)

[webauthn] reference CTAP2.1 PS spec and fix broken link (#1635)

• Adam Langley via GitHub (Wednesday, 29 November)

[webauthn] Resolve conflicts between spk (#1957) and PR #1970 (#1996)

• Emil Lundberg via GitHub (Thursday, 16 November)

[webauthn] rp.name, user.name and user.displayName length limit does not state binary encoding (#1994)

• Firstyear via GitHub (Thursday, 9 November)
• Emil Lundberg via GitHub (Tuesday, 7 November)

[webauthn] Spec abstract is out of date on the eve of multi-device credentials and cross-device auth (#1743)

• Nick Steele via GitHub (Wednesday, 29 November)

[webauthn] Support a "create or get [or replace]" credential re-association operation (#1568)

• Mitar via GitHub (Saturday, 25 November)
• Mitar via GitHub (Friday, 24 November)

[webauthn] username and display name should not be mandatory (rp, challange either) and OS UX should be simplified if not present (#1915)

• Joel Biddle via GitHub (Thursday, 30 November)
• r-jo via GitHub (Thursday, 30 November)
• Joel Biddle via GitHub (Thursday, 30 November)

[webauthn] Virtual Authenticator API does not expose a way to set backup-eligible or backup-status flags (#1987)

• Matthew Miller via GitHub (Wednesday, 1 November)

[webauthn] Wrong type of encrypted content specified for credentialId under "Credential Storage Modality" section (#2002)

• Ryo Kajiwara via GitHub (Tuesday, 28 November)

Closed: [webauthn] Code Injection vulnerability from client side (#1965)

• Nick Steele via GitHub (Wednesday, 29 November)

Closed: [webauthn] How is an RP to know if a packed attestation root certificate is used for multiple authenticator models? (#1998)

• Shane Weeden via GitHub (Wednesday, 29 November)

Closed: [webauthn] How long the relying party should maintain the challenge and related information? (#1848)

• Emil Lundberg via GitHub (Wednesday, 15 November)

Closed: [webauthn] Inconsistent Passkey Authentication in Google Chrome (#1993)

• Tim Cappalli via GitHub (Monday, 6 November)

Closed: [webauthn] Spec abstract is out of date on the eve of multi-device credentials and cross-device auth (#1743)

• Nick Steele via GitHub (Wednesday, 29 November)

Closed: [webauthn] Spec is not specific enough about order of conditional UI autofill tokens (#1982)

• Nick Steele via GitHub (Wednesday, 29 November)

EAP method based on FIDO (@ IETF this week)

• Emil Lundberg (Tuesday, 7 November)
• Jan-Frederik Rieckers (Tuesday, 7 November)
• Adam Langley (Monday, 6 November)
• Samuel Weiler (Sunday, 5 November)

Event Canceled: Web Authentication weekly

• Anthony Nadalin (W3C Calendar) (Wednesday, 22 November)
• Anthony Nadalin (W3C Calendar) (Wednesday, 15 November)

Event Invitation: Web Authentication weekly

• Anthony Nadalin (W3C Calendar) (Wednesday, 15 November)

Event Updated: Web Authentication bi-weekly

• John Fontana (W3C Calendar) (Wednesday, 1 November)

Event Updated: Web Authentication weekly

• Philippe Le Hegaret (W3C Calendar) (Wednesday, 15 November)
• Anthony Nadalin (W3C Calendar) (Wednesday, 15 November)

Weekly github digest (WebAuthn)

• W3C Webmaster via GitHub API (Tuesday, 28 November)
• W3C Webmaster via GitHub API (Tuesday, 21 November)
• W3C Webmaster via GitHub API (Tuesday, 14 November)
• W3C Webmaster via GitHub API (Tuesday, 7 November)

Last message date: Thursday, 30 November 2023 13:55:02 UTC