Saturday, 30 September 2023
Friday, 29 September 2023
- [w3c/webauthn] 0b011e: Update capitalisation as requested.
- [webauthn] new commits pushed by agl
- [w3c/webauthn] 53e8d8: Incorporate Emil's changes
- [webauthn] new commits pushed by timcappalli
- Re: [webauthn] Add packed attestation optional firmware version attribute (#1953)
Thursday, 28 September 2023
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
Wednesday, 27 September 2023
- Re: [webauthn] Fix broken PublicKeyCredentialJSON WebIDL definition (#1969)
- [webauthn] Closed Pull Request: Specify what an unknown type credential descriptor being ignored means
- Re: [webauthn] Specify what an unknown type credential descriptor being ignored means (#1966)
- [webauthn] Are notes in webauthn normative or informative? (#1979)
- [webauthn] Pull Request: Tweaks for bikeshed
- [w3c/webauthn] fa2889: Tweaks for bikeshed
- [webauthn] new commits pushed by plehegar
- [w3c/webauthn] 405b7d: Merge pull request #1973 from Kieun/add-myself-as-...
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn] 952de8: Merge pull request #1975 from pascoej/fix-bikeshed...
- [w3c/webauthn] 3d2a59: Add myself to the contributors
- [webauthn] new commits pushed by github-actions[bot]
- [webauthn] new commits pushed by MasterKale
- [webauthn] Merged Pull Request: Add myself to the contributors
- [w3c/webauthn] 4207bd: When installing the newest version of bikeshed, th...
- Closed: [webauthn] The bike shed build is broken with the newest version (#1974)
- [webauthn] new commits pushed by pascoej
- [webauthn] Merged Pull Request: Fix the bikeshed build
- [webauthn] Remove the [SameObject] attribute from PublicKeyCredential::authenticatorAttachment (#1977)
- 09/27/2023 W3C Web Authentication Meeting
Tuesday, 26 September 2023
- Weekly github digest (WebAuthn)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Provide a way for Web Extensions to hook into browser's Passkey autofill UI (#1976)
- [webauthn] Provide a way for Web Extensions to hook into browser's Passkey autofill UI (#1976)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
Monday, 25 September 2023
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Initial text for conditional create (#1951)
- Re: [webauthn] [Superset] Updating credential metadata and requesting deletion of stale credentials (#1967)
Saturday, 23 September 2023
Friday, 22 September 2023
- [webauthn] Pull Request: Fix the bikeshed build
- [webauthn] The bike shed build is broken with the newest version (#1974)
- Re: [webauthn] Add myself to the contributors (#1973)
- [webauthn] Pull Request: Add myself to the contributors
- [webauthn] Pull Request: Make the default value for the attestation member in assertion options be null
Thursday, 21 September 2023
- Re: [webauthn] Specify what an unknown type credential descriptor being ignored means (#1966)
- [webauthn] Pull Request: Highlight that filtering all pubKeyCredParams is an error.
- [w3c/webauthn] 254d00: Highlight that filtering all pubKeyCredParams is a...
- [webauthn] new commits pushed by agl
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
- Re: [webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)
Wednesday, 20 September 2023
- Re: [webauthn] update and link to working AAGUID definition (#1970)
- [w3c/webauthn] f5ea86: Remove the requirement that SPK be used only with ...
- [webauthn] new commits pushed by agl
- [w3c/webauthn] b5a7fc: add for
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] ed80f7: address Mike's comment about IANA reference
- [webauthn] new commits pushed by timcappalli
- Re: [webauthn] Add importCryptoKey input to PRF extension (#1945)
- [w3c/webauthn] 49e91d: Merge pull request #1948 from Kieun/kieun-1947
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn] 480013: Fix inconsistent usage of options variable
- Closed: [webauthn] Inconsistent variable reference of attestation and attestationFormats in the steps (#1947)
- [webauthn] Merged Pull Request: Fix inconsistent usage of options variable
- [webauthn] new commits pushed by agl
- [webauthn] Pull Request: update and link to working AAGUID definition
- [w3c/webauthn] c7de61: update and link to working AAGUID definition
- [webauthn] new commits pushed by nicksteele
- [webauthn] Pull Request: Fix broken PublicKeyCredentialJSON WebIDL definition
- [w3c/webauthn] 8af038: Swap out union type for object w/comment
- [webauthn] new commits pushed by MasterKale
- [webauthn] Extensions should specify partial dictionaries that modify AuthenticationExtensionsClient{Inputs, Outputs}JSON (#1968)
- Event Invitation: Web Authentication weekly
- Event Invitation: Web Authentication weekly
- Event Invitation: Web Authentication weekly
- 09/20/2023 W3C Web Authentication Meeting
Tuesday, 19 September 2023
- Closed: [webauthn] Specify authenticator attachment for authentication operation (#1267)
- Re: [webauthn] Specify authenticator attachment for authentication operation (#1267)
- [w3c/webauthn] 36951f: rouge word
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] 9bd2a6: add must have two or more
- [webauthn] new commits pushed by timcappalli
- Closed: [webauthn] FIDO credential decommissioning (#1696)
- Re: [webauthn] FIDO credential decommissioning (#1696)
- Closed: [webauthn] Personal information updates & webauthn (#1456)
- Re: [webauthn] Personal information updates & webauthn (#1456)
- Closed: [webauthn] Facility for an RP to indicate a change of displayName to a discoverable credential (#1779)
- Re: [webauthn] Facility for an RP to indicate a change of displayName to a discoverable credential (#1779)
- Closed: [webauthn] Cleanup when creating discoverable credentials with attestations (#1560)
- Re: [webauthn] Cleanup when creating discoverable credentials with attestations (#1560)
- [webauthn] [Superset] Updating credential metadata and requesting deletion of stale credentials (#1967)
- Re: [webauthn] Specify authenticator attachment for authentication operation (#1267)
- Weekly github digest (WebAuthn)
- Re: [webauthn] Should credentials requested with attestation=none include an AAGUID? (#1962)
Monday, 18 September 2023
- [w3c/webauthn] 21ae2d: any attestation type in spec
- [webauthn] new commits pushed by timcappalli
- Re: [webauthn] Specify what an unknown type credential descriptor being ignored means (#1966)
- [webauthn] Pull Request: Specify what an unknown type credential descriptor being ignored means
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
Sunday, 17 September 2023
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
Saturday, 16 September 2023
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- Re: [webauthn] Code Injection vulnerability from client side (#1965)
- [webauthn] Code Injection vulnerability from client side (#1965)
Thursday, 14 September 2023
- Re: [webauthn] Further clarification of Unsigned Extension Outputs (#1964)
- [webauthn] Further clarification of Unsigned Extension Outputs (#1964)
Wednesday, 13 September 2023
- Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358)
- Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358)
- Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358)
Tuesday, 12 September 2023
- Re: [webauthn] Prevent browsers from deleting credentials that the RP wanted to be server-side (#1569)
- Weekly github digest (WebAuthn)
- Re: [webauthn] PublicKeyCredentialParameters can't select curve (E.g. ed448) (#1446)
- Closed: [webauthn] Making PublicKeyCredentialDescriptor.transports mandatory (#1522)
- Re: [webauthn] Making PublicKeyCredentialDescriptor.transports mandatory (#1522)
- Re: [webauthn] reference CTAP2.1 PS spec and fix broken link (#1635)
- Re: [webauthn] Prevent browsers from deleting credentials that the RP wanted to be server-side (#1569)
- Re: [webauthn] Add a way to use webauthn without Javascript (#1255)
- Closed: [webauthn] add feature detection blurb... (#1208)
- Re: [webauthn] add feature detection blurb... (#1208)
- Closed: [webauthn] think about adding note wrt how client platform might obtain authenticator capabilities (#1207)
- Re: [webauthn] think about adding note wrt how client platform might obtain authenticator capabilities (#1207)
- Closed: [webauthn] Recovering from Device Loss (#931)
- Re: [webauthn] Recovering from Device Loss (#931)
- Re: [webauthn] PublicKeyCredentialJSON is an invalid WebIDL construct (#1958)
- Re: [webauthn] Should credentials requested with attestation=none include an AAGUID? (#1962)
- Re: [webauthn] Should credentials requested with attestation=none include an AAGUID? (#1962)
- Re: [webauthn] Proposal/discussion: non-extractable CryptoKey output from the prf extension (#1895)
- [webauthn] Should credentials requested with attestation=none include an AAGUID (#1962)
- [w3c/webauthn]
- [w3c/webauthn] a4b8cd: Merge pull request #1932 from w3c/1852-emphasize-u...
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn]
- [w3c/webauthn] ec9dd1: Emphasize user.name as primary identifier
- Closed: [webauthn] Emphasize use of `user.name` for RP's to help users distinguish credentials (#1852)
- [webauthn] new commits pushed by MasterKale
- [webauthn] Merged Pull Request: Clarify distinction between PublicKeyCredentialUserEntity name and displayName
- Re: [webauthn] Add importCryptoKey input to PRF extension (#1945)
- [w3c/webauthn] 7ad822: Merge pull request #1944 from w3c/prf-always-uv
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn] ff7634: Revert "Delete outdated note about checking regist...
- [w3c/webauthn]
- [webauthn] new commits pushed by nicksteele
- [w3c/webauthn] 7b877b: Delete outdated note about checking registration U...
- [webauthn] new commits pushed by nicksteele
- [webauthn] Merged Pull Request: Delete outdated note about checking registration UV with PRF extension
- [w3c/webauthn] b88e3f: Merge pull request #1961 from selfissued/mbj-refer...
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn] efe2c2: Reference CTAP 2.1 Proposed Standard
- [webauthn] new commits pushed by timcappalli
- [webauthn] Merged Pull Request: Reference CTAP 2.1 Proposed Standard
- Re: [webauthn] Cleanup when creating discoverable credentials with attestations (#1560)
Monday, 11 September 2023
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] Add support for SRP (or some other PAKE) in WebAuthn (#1960)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] PublicKeyCredentialJSON is an invalid WebIDL construct (#1958)
- Re: [webauthn] PublicKeyCredentialJSON is an invalid WebIDL construct (#1958)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- [webauthn] Pull Request: Reference CTAP 2.1 Proposed Standard
- Re: [webauthn] Initial text for conditional create (#1951)
- Event Updated: Web Authentication WG
Saturday, 9 September 2023
Friday, 8 September 2023
- Re: [webauthn] Add support for SRP (or some other PAKE) in WebAuthn (#1960)
- Closed: [webauthn] Add support for SRP (or some other PAKE) in WebAuthn (#1960)
- Re: [webauthn] Add support for SRP (or some other PAKE) in WebAuthn (#1960)
- [webauthn] Add support for SRP (or some other PAKE) in WebAuthn (#1960)
- Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358)
- Re: [webauthn] Could not use Webauthn `PublicKeyCredential.create` when the RP ID is a Host string(ip). (#1358)
Thursday, 7 September 2023
- Re: [webauthn] Add packed attestation optional firmware version attribute (#1953)
- [w3c/webauthn] 699e9d: add conditional-create
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] 5c39e1: spelling
- [webauthn] new commits pushed by timcappalli
Wednesday, 6 September 2023
- Question regarding PRF extension
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- [w3c/webauthn] 04dd9e: Remove `devicePubKey` extension.
- [webauthn] new commits pushed by agl
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] Add importCryptoKey input to PRF extension (#1945)
- [w3c/webauthn]
- Re: [webauthn] [Meta] Hard-code HKDF in PRF importCryptoKey (#1946)
- [webauthn] Closed Pull Request: [Meta] Hard-code HKDF in PRF importCryptoKey
- Re: [webauthn] Add packed attestation optional firmware version attribute (#1953)
- Re: [webauthn] Add importCryptoKey input to PRF extension (#1945)
- Re: [webauthn] Add `compound` attestation format (#1950)
- Re: [webauthn] Add new getClientCapabilities method (#1923)
- [w3c/webauthn] c22e09: Merge pull request #1955 from w3c/issue-1794-broke...
- [webauthn] new commits pushed by github-actions[bot]
- [w3c/webauthn]
- [w3c/webauthn] f6bbe7: Remove outdated spec reference anchors
- Closed: [webauthn] Broken references in Web Authentication: An API for accessing Public Key Credentials - Level (#1794)
- [webauthn] new commits pushed by emlun
- [webauthn] Merged Pull Request: Fix broken spec references
- Re: [webauthn] Initial text for conditional create (#1951)
- [w3c/webauthn] aefe8f: Tweak examples based on feedback
- [webauthn] new commits pushed by MasterKale
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] Add new getClientCapabilities method (#1923)
- [w3c/webauthn] 1fe917: add SecureContext to result
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] 244b54: missing quote
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] 633a2d: first stab at new approach for getClientCapabilities
- [webauthn] new commits pushed by timcappalli
- [w3c/webauthn] d3325e: Singularize "implementation of each of [methods]"
- [webauthn] new commits pushed by emlun
- [webauthn] PublicKeyCredentialJSON is an invalid WebIDL construct (#1958)
- [w3c/webauthn] 3f576e: add validation failure text
- [webauthn] new commits pushed by timcappalli
- 09/06/2023 W3C Web Authentication Meeting
Tuesday, 5 September 2023
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Weekly github digest (WebAuthn)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
Monday, 4 September 2023
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
- Re: [webauthn] devicePubKey → supplementalPubKeys (#1957)
Sunday, 3 September 2023
- [webauthn] Pull Request: devicePubKey → supplementalPubKeys
- [w3c/webauthn] 431fd4: devicePubKey → supplementalPubKeys
- [webauthn] new commits pushed by agl