public-webauthn@w3.org from January 2024 by subject

01/03/2024 W3C Web Authentication Meeting

01/10/2024 W3C Web Authentication Meeting

01/17/2024 W3C Web Authentication Meeting - CANCELLED

01/24/2024 W3C Web Authentication Meeting

01/31/2024 W3C Web Authentication Meeting

[w3c/webauthn]

[w3c/webauthn] 04f96b: Merge pull request #1923 from w3c/tc-clientfeatmethod

[w3c/webauthn] 06a34c: Merge pull request #2015 from w3c/fix-lint

[w3c/webauthn] 15dad7: Drop assertion-time attestation.

[w3c/webauthn] 281408: Fix references to reserved tokenBinding member

[w3c/webauthn] 296ca5: Mark SPK's `signatures` output as required.

[w3c/webauthn] 2b9add: Remove autolink to nonexistent term "WebAuthn cred...

[w3c/webauthn] 3361ef: Explicitly specify binary encoding for string trun...

[w3c/webauthn] 3f028e: Merge pull request #2009 from w3c/mm/2007-fix-gith...

[w3c/webauthn] 45e274: Merge pull request #1997 from w3c/noatt

[w3c/webauthn] 46a3d5: Expand upon the definition of "unsigned extension ...

[w3c/webauthn] 4969d2: Prune readonly from record

[w3c/webauthn] 4cc067: add getClientCapabilites method and enum

[w3c/webauthn] 51faa8: Merge pull request #2012 from w3c/uxo

[w3c/webauthn] 7650f7: Fix references to reserved tokenBinding member

[w3c/webauthn] 7e66ae: Merge pull request #2011 from w3c/spkrequired

[w3c/webauthn] 872589: Add packed attestation descriotion of the firmware...

[w3c/webauthn] 890cae: .

[w3c/webauthn] 8ea1d6: clarification that client always sends extension t...

[w3c/webauthn] 8f8c7e: Apply suggestion.

[w3c/webauthn] 903620: Remove key sorting requirement

[w3c/webauthn] 9bd286: Correct capitalization on "Github"

[w3c/webauthn] a0cfb6: Delete reference to {{AuthenticatorAttestationResp...

[w3c/webauthn] b0fdc6: Switch to a typedef

[w3c/webauthn] bda342: Merge pull request #1 from w3c/master

[w3c/webauthn] bdb2da: Apply suggestions from review

[w3c/webauthn] cc1a9b: Extract recommended timeout ranges and defaults to...

[w3c/webauthn] def236: Reference CTAP 2.1 errata spec

[w3c/webauthn] ee7990: Add link to Disclocing Client Capabilities section

[w3c/webauthn] ef5438: Allow clients to omit capabilities

[w3c/webauthn] f6d2eb: Restore mandate to sort capabilities

[w3c/webauthn] fbb72d: Apply suggestions from review

[webauthn] [[preventSilentAccess]] seems incorrect (#1956)

[webauthn] Add new getClientCapabilities method (#1923)

[webauthn] Add packed attestation optional firmware version attribute (#1953)

[webauthn] Adding flexibility in client origin scheme validation to align with real world implementations (#2018)

[webauthn] Allow conditional and modal flows to run simultaneously (#1854)

[webauthn] Ambiguous instructions in the Android Key Attestation Statement Format verification procedure (#1980)

[webauthn] Better specify what an unknown type credential descriptor being ignored means (#1748)

[webauthn] Cambios por abuso (#2006)

[webauthn] Clarify browser behavior when an authenticators return equivalent of "InvalidStateError" (#1888)

[webauthn] Clarify how to differentiate between exceptions (#1859)

[webauthn] Clarify TPM attestation verification instructions (#1926)

[webauthn] Closed Pull Request: Make the default value for the attestation member in assertion options be null

[webauthn] Conditional UI support by WebAuthn WebDriver Extension (#2010)

[webauthn] credentialRecord.transports has no purpose (#2016)

[webauthn] Discussing mechanisms for enterprise RP's to enforce bound properties of credentials (#1739)

[webauthn] Enterprise attestaion is a bool in WebAuthn and an Int in CTAP2.1 (#1795)

[webauthn] Extend WebAuthn spec to support interoperability in WebExtensions (#1766)

[webauthn] Fix references to reserved tokenBinding member (#2014)

[webauthn] Indicate that the credential could be backed up and restored, but not synchronized (#1933)

[webauthn] Initial text for conditional create (#1951)

[webauthn] Make the default value for the attestation member in assertion options be null (#1972)

[webauthn] make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services) (#1942)

[webauthn] Merged Pull Request: Add new getClientCapabilities method

[webauthn] Merged Pull Request: Correct capitalization on "Github"

[webauthn] Merged Pull Request: Drop assertion-time attestation.

[webauthn] Merged Pull Request: Expand upon the definition of "unsigned extension outputs"

[webauthn] Merged Pull Request: Fix Bikeshed lint

[webauthn] Merged Pull Request: Mark SPK's `signatures` output as required.

[webauthn] Misaligned steps in Section 7.2 (#1913)

[webauthn] new commits pushed by agl

[webauthn] new commits pushed by dwaite

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by github-actions[bot]

[webauthn] new commits pushed by MasterKale

[webauthn] new commits pushed by rlin1

[webauthn] Proposal/discussion: non-extractable CryptoKey output from the prf extension (#1895)

[webauthn] Pull Request: Adding example of secure context origin, localhost

[webauthn] Pull Request: Adding flexibility in client origin scheme validation to align with real world implementations

[webauthn] Pull Request: Expand upon the definition of "unsigned extension outputs"

[webauthn] Pull Request: Explicitly specify binary encoding for string truncation

[webauthn] Pull Request: Fix Bikeshed lint

[webauthn] Pull Request: Fix references to reserved tokenBinding member

[webauthn] Pull Request: Mark SPK's `signatures` output as required.

[webauthn] Refine JSON serialization to use UTF-8 encoding for `user.id` and `userHandle` (#2013)

[webauthn] Remove isPPAA() and expand getClientCapabilities() (#1937)

[webauthn] Should an RP be able to provide finer grained authenticator filtering in attestation options? (#1688)

[webauthn] Should credentials requested with attestation=none include an AAGUID? (#1962)

[webauthn] Support a "create or get [or replace]" credential re-association operation (#1568)

[webauthn] The default value of `attestation` member in `PublicKeyCredentialRequestOptions` should be null or must not have default value (#1941)

Closed: [webauthn] [[preventSilentAccess]] seems incorrect (#1956)

Closed: [webauthn] Allow conditional and modal flows to run simultaneously (#1854)

Closed: [webauthn] Better specify what an unknown type credential descriptor being ignored means (#1748)

Closed: [webauthn] Clarify browser behavior when an authenticators return equivalent of "InvalidStateError" (#1888)

Closed: [webauthn] Conditional UI support by WebAuthn WebDriver Extension (#2010)

Closed: [webauthn] Consider replacing "Github" with "GitHub" (#2007)

Closed: [webauthn] Further clarification of Unsigned Extension Outputs (#1964)

Closed: [webauthn] Indicate that the credential could be backed up and restored, but not synchronized (#1933)

Closed: [webauthn] make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services) (#1942)

Closed: [webauthn] Proposal/discussion: non-extractable CryptoKey output from the prf extension (#1895)

Closed: [webauthn] Refine JSON serialization to use UTF-8 encoding for `user.id` and `userHandle` (#2013)

Closed: [webauthn] Remove isPPAA() and expand getClientCapabilities() (#1937)

Closed: [webauthn] The default value of `attestation` member in `PublicKeyCredentialRequestOptions` should be null or must not have default value (#1941)

Event Canceled: Web Authentication weekly

Weekly github digest (WebAuthn)

Last message date: Wednesday, 31 January 2024 23:38:35 UTC