[w3c/webauthn] 804cec: Fix reference to $$attStmtType in definition of at...

  Branch: refs/heads/main
  Home:   https://github.com/w3c/webauthn
  Commit: 804cece99aa047cc2c84af0d484e1a357cd88050
      https://github.com/w3c/webauthn/commit/804cece99aa047cc2c84af0d484e1a357cd88050
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2024-11-27 (Wed, 27 Nov 2024)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix reference to $$attStmtType in definition of attestation statement formats


  Commit: e6a998eb823871d7f6f7d51ebd0bfe4b8cdc68d2
      https://github.com/w3c/webauthn/commit/e6a998eb823871d7f6f7d51ebd0bfe4b8cdc68d2
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2024-11-27 (Wed, 27 Nov 2024)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Formalize attStmtTemplate as more correct CDDL

I don't think the expression `attStmtTemplate .within $$attStmtType`
successfully encodes the intent "Every attestation statement format must have
the above fields", for two reasons: it does not define a CDDL rule since it
contains no = sign, and even if it did, the `.within` control operator would apply
only to the new type defined by that rule, but not to the `attObj` type.

CDDL generally makes a distinction between types and groups, and only mentions
control operators applying to types, so I don't think we can apply `.within` to
`$$attStmtType` directly. This is why we need to duplicate the `authData` field
in `attStmtTemplate`.


  Commit: 9b161676e556d1f855d4bfc3b9819bf32e2227fd
      https://github.com/w3c/webauthn/commit/9b161676e556d1f855d4bfc3b9819bf32e2227fd
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2024-11-27 (Wed, 27 Nov 2024)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Allow attStmt to be of array type

This is required by the new "compound" attestation statement format.


  Commit: 8b29bec5a3db3f803478403a7ec41c80bec0d28e
      https://github.com/w3c/webauthn/commit/8b29bec5a3db3f803478403a7ec41c80bec0d28e
  Author: Emil Lundberg <emil@yubico.com>
  Date:   2024-11-27 (Wed, 27 Nov 2024)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Fix .within operator in nonCompountAttStmt

[CDDL][1] defines that:

>A map matches a specification given as a group when the group matches
>a sequence of name/value pairs such that all of these name/value
>pairs are present in the map and the map has no name/value pair that
>is not covered by the group.

Therefore the control `.within { fmt: text .ne "compound" }` forbids any maps
that contain additional fields besides `fmt`, which is clearly not what was
intended.

[1]: https://datatracker.ietf.org/doc/html/rfc8610#section-2.1


  Commit: 3bc830109a1092de107fefc557b33f182e358775
      https://github.com/w3c/webauthn/commit/3bc830109a1092de107fefc557b33f182e358775
  Author: Adam Langley <agl@google.com>
  Date:   2024-12-11 (Wed, 11 Dec 2024)

  Changed paths:
    M index.bs

  Log Message:
  -----------
  Merge pull request #2216 from w3c/issue-2210-compound-attStmtTemplate

Fix CDDL inconsistencies in attStmtType and compound format


Compare: https://github.com/w3c/webauthn/compare/81077df3d88c...3bc830109a10

Received on Wednesday, 11 December 2024 20:06:47 UTC
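
The closed-map rule quoted from RFC 8610 section 2.1 in commit 8b29bec can be seen in a small matcher. This is an added example, not code from the WebAuthn repository or the commit author. The group model, the function names, the sample attestation objects and the use of a wildcard entry (`* tstr => any`) to open the control map are assumptions of this sketch.

```python
# Added illustration of RFC 8610 section 2.1 map matching; not WebAuthn spec code.
# A group is modelled as {key: predicate}. open_map=True stands in for a CDDL
# wildcard entry such as `* tstr => any` (an assumption of this sketch).

def matches_map(value, group, open_map=False):
    """Return True when the dict `value` matches the map specification."""
    if not isinstance(value, dict):
        return False
    # Every name/value pair required by the group must be present and match.
    for key, predicate in group.items():
        if key not in value or not predicate(value[key]):
            return False
    # The map must have no name/value pair that the group does not cover.
    uncovered = set(value) - set(group)
    return not uncovered or (open_map and all(isinstance(k, str) for k in uncovered))

def is_text(v): return isinstance(v, str)
def is_bytes(v): return isinstance(v, bytes)
def any_value(v): return True
def fmt_not_compound(v): return is_text(v) and v != "compound"  # text .ne "compound"

def att_obj(v):
    # Constructed stand-in for the target type: an attestation object map.
    return matches_map(v, {"fmt": is_text, "attStmt": any_value, "authData": is_bytes})

def closed_control(v):
    # { fmt: text .ne "compound" } : covers only the fmt member.
    return matches_map(v, {"fmt": fmt_not_compound})

def open_control(v):
    # { fmt: text .ne "compound", * tstr => any } : other text keys are covered.
    return matches_map(v, {"fmt": fmt_not_compound}, open_map=True)

def within(value, target, control):
    """`target .within control`: the value must match both specifications."""
    return target(value) and control(value)

def check(value):
    """Return (result with closed control, result with open control)."""
    return within(value, att_obj, closed_control), within(value, att_obj, open_control)

# Constructed sample values.
PACKED = {"fmt": "packed", "attStmt": {"alg": -7, "sig": b"\x00"}, "authData": b"\x01"}
COMPOUND = {"fmt": "compound", "attStmt": [], "authData": b"\x01"}

if __name__ == "__main__":
    print("packed  :", check(PACKED))
    print("compound:", check(COMPOUND))
```

With the closed control every real attestation object is rejected because `attStmt` and `authData` are not covered by the control group; with the open control only the `fmt` constraint decides.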