- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Tue, 12 Sep 2023 17:00:48 +0000
- To: public-webauthn@w3.org
- Message-Id: <E1qg6kq-004IMV-FK@uranus.w3.org>
Issues
------
* w3c/webauthn (+3/-7/💬21)
3 issues created:
- Should credentials requested with attestation=none include an AAGUID (by pascoej)
https://github.com/w3c/webauthn/issues/1962 [type:technical]
- Add support for SRP (or some other PAKE) in WebAuthn (by dolda2000)
https://github.com/w3c/webauthn/issues/1960 [type:technical]
- PublicKeyCredentialJSON is an invalid WebIDL construct (by petervanderbeken)
https://github.com/w3c/webauthn/issues/1958 [type:technical]
14 issues received 21 new comments:
- #1962 Should credentials requested with attestation=none include an AAGUID? (2 by nsatragno, pascoej)
https://github.com/w3c/webauthn/issues/1962 [type:technical] [type:editorial]
- #1960 Add support for SRP (or some other PAKE) in WebAuthn (3 by Firstyear, dolda2000, emlun)
https://github.com/w3c/webauthn/issues/1960 [type:technical]
- #1958 PublicKeyCredentialJSON is an invalid WebIDL construct (3 by MasterKale, arianvp)
https://github.com/w3c/webauthn/issues/1958 [type:technical]
- #1895 Proposal/discussion: non-extractable CryptoKey output from the prf extension (1 by MasterKale)
https://github.com/w3c/webauthn/issues/1895 [stat:Discuss] [stat:pr-open] [subtype:FeatureProposal] [@Risk]
- #1635 reference CTAP2.1 PS spec and fix broken link (1 by selfissued)
https://github.com/w3c/webauthn/issues/1635 [type:editorial] [@Risk]
- #1569 Prevent browsers from deleting credentials that the RP wanted to be server-side (1 by MasterKale)
https://github.com/w3c/webauthn/issues/1569 [type:technical]
- #1560 Cleanup when creating discoverable credentials with attestations (2 by Firstyear, dwaite)
https://github.com/w3c/webauthn/issues/1560 [stat:Discuss] [subtype:FeatureProposal] [subtype:Inquiry] [@Risk]
- #1522 Making PublicKeyCredentialDescriptor.transports mandatory (1 by timcappalli)
https://github.com/w3c/webauthn/issues/1522 [type:technical]
- #1446 PublicKeyCredentialParameters can't select curve (E.g. ed448) (1 by selfissued)
https://github.com/w3c/webauthn/issues/1446 [type:technical] [@Risk]
- #1358 Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (2 by emlun, jbhanks)
https://github.com/w3c/webauthn/issues/1358 [type:technical] [subtype:algorithms/WebIDL] [subtype:FeatureProposal]
- #1255 Add a way to use webauthn without Javascript (1 by selfissued)
https://github.com/w3c/webauthn/issues/1255 [stat:Discuss] [type:technical] [subtype:FeatureProposal]
- #1208 add feature detection blurb... (1 by timcappalli)
https://github.com/w3c/webauthn/issues/1208 [type:editorial] [@Risk]
- #1207 think about adding note wrt how client platform might obtain authenticator capabilities (1 by timcappalli)
https://github.com/w3c/webauthn/issues/1207 [type:editorial] [priority:low] [@Risk]
- #931 Recovering from Device Loss (1 by MasterKale)
https://github.com/w3c/webauthn/issues/931 [type:technical] [subtype:CTAP]
7 issues closed:
- Making PublicKeyCredentialDescriptor.transports mandatory https://github.com/w3c/webauthn/issues/1522 [type:technical]
- add feature detection blurb... https://github.com/w3c/webauthn/issues/1208 [type:editorial] [@Risk]
- think about adding note wrt how client platform might obtain authenticator capabilities https://github.com/w3c/webauthn/issues/1207 [type:editorial] [priority:low] [@Risk]
- Recovering from Device Loss https://github.com/w3c/webauthn/issues/931 [type:technical] [subtype:CTAP]
- Emphasize use of `user.name` for RP's to help users distinguish credentials https://github.com/w3c/webauthn/issues/1852 [type:technical]
- Add support for SRP (or some other PAKE) in WebAuthn https://github.com/w3c/webauthn/issues/1960 [type:technical]
- Broken references in Web Authentication: An API for accessing Public Key Credentials - Level https://github.com/w3c/webauthn/issues/1794 [type:editorial] [stat:pr-open]
Pull requests
-------------
* w3c/webauthn (+1/-4/💬22)
1 pull requests submitted:
- Reference CTAP 2.1 Proposed Standard (by selfissued)
https://github.com/w3c/webauthn/pull/1961
7 pull requests received 22 new comments:
- #1957 devicePubKey → supplementalPubKeys (11 by agl, arianvp, dwaite, rlin1, sbweeden, ve7jtb)
https://github.com/w3c/webauthn/pull/1957 [type:technical]
- #1953 Add packed attestation optional firmware version attribute (2 by agl, sbweeden)
https://github.com/w3c/webauthn/pull/1953 [type:technical] [type:editorial]
- #1951 Initial text for conditional create (2 by MasterKale, pascoej)
https://github.com/w3c/webauthn/pull/1951 [type:technical]
- #1950 Add `compound` attestation format (1 by timcappalli)
https://github.com/w3c/webauthn/pull/1950 [type:technical] [@Risk]
- #1946 [Meta] Hard-code HKDF in PRF importCryptoKey (1 by emlun)
https://github.com/w3c/webauthn/pull/1946 [type:technical] [subtype:extensions] [process:meta-pr] [@Risk]
- #1945 Add importCryptoKey input to PRF extension (3 by MasterKale, agl, emlun)
https://github.com/w3c/webauthn/pull/1945 [type:technical] [subtype:extensions] [@Risk]
- #1923 Add new getClientCapabilities method (2 by timcappalli)
https://github.com/w3c/webauthn/pull/1923 [type:technical]
4 pull requests merged:
- Clarify distinction between PublicKeyCredentialUserEntity name and displayName
https://github.com/w3c/webauthn/pull/1932 [type:editorial]
- Delete outdated note about checking registration UV with PRF extension
https://github.com/w3c/webauthn/pull/1944 [type:editorial]
- Reference CTAP 2.1 Proposed Standard
https://github.com/w3c/webauthn/pull/1961
- Fix broken spec references
https://github.com/w3c/webauthn/pull/1955 [type:editorial]
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webauthn
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 12 September 2023 17:00:51 UTC