Weekly github digest (WebAuthn) from W3C Webmaster via GitHub API on 2024-11-19 (public-webauthn@w3.org from November 2024)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Tue, 19 Nov 2024 17:00:40 +0000
To: public-webauthn@w3.org
Message-Id: <E1tDRai-00E5Wo-0i@janus.w3.internal>
Issues
------
* w3c/webauthn (+6/-5/💬10)
  6 issues created:
  - "Verify" is undefined (by annevk)
    https://github.com/w3c/webauthn/issues/2208 
  - JSON parsing should be on top of Infra primitives (by annevk)
    https://github.com/w3c/webauthn/issues/2207 
  - Use of "valid domain" seems wrong (by annevk)
    https://github.com/w3c/webauthn/issues/2206 
  - Usage of "effective domain" seems wrong (by annevk)
    https://github.com/w3c/webauthn/issues/2205 
  - AttestationFormats may have duplicate entries (by Kieun)
    https://github.com/w3c/webauthn/issues/2202 [type:editorial] 
  - WebAuthn Clients should pass AAGUIDs from security keys when attestation is none (by timcappalli)
    https://github.com/w3c/webauthn/issues/2198 [type:technical] 

  8 issues received 10 new comments:
  - #2207 JSON parsing should be on top of Infra primitives (2 by annevk, timcappalli)
    https://github.com/w3c/webauthn/issues/2207 
  - #2202 AttestationFormats may have duplicate entries (1 by emlun)
    https://github.com/w3c/webauthn/issues/2202 [type:editorial] 
  - #2198 WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none (1 by emlun)
    https://github.com/w3c/webauthn/issues/2198 [type:technical] 
  - #2192 The authenticator may hide the credential even if the RP signals unknown credentials (2 by Kieun, nsatragno)
    https://github.com/w3c/webauthn/issues/2192 [type:technical] 
  - #2187 Remove authenticatorDisplayName from L3 (1 by emlun)
    https://github.com/w3c/webauthn/issues/2187 [type:technical] 
  - #2169 [[Get]] method doesn't exist in CredMan (1 by emlun)
    https://github.com/w3c/webauthn/issues/2169 [type:editorial] [stat:pr-open] [subtype:credman] 
  - #2153 Bit set by the SPC extension should backed up as part of the Public Key Credential Source (1 by timcappalli)
    https://github.com/w3c/webauthn/issues/2153 [type:technical] [@Risk] 
  - #2151 authenticatorDisplayName should use a localizable language map (1 by emlun)
    https://github.com/w3c/webauthn/issues/2151 [type:technical] 

  5 issues closed:
  - WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none https://github.com/w3c/webauthn/issues/2198 [type:technical] 
  - [[Get]] method doesn't exist in CredMan https://github.com/w3c/webauthn/issues/2169 [type:editorial] [stat:pr-open] [subtype:credman] 
  - authenticatorDisplayName should use a localizable language map https://github.com/w3c/webauthn/issues/2151 [type:technical] 
  - Remove authenticatorDisplayName from L3 https://github.com/w3c/webauthn/issues/2187 [type:technical] [subtype:extensions] [stat:pr-open] 
  - RP operations: some extension processing may assume that the encompassing signature is valid https://github.com/w3c/webauthn/issues/1711 [type:technical] [stat:pr-open] [subtype:rp-ops] [@Risk] 



Pull requests
-------------
* w3c/webauthn (+7/-6/💬6)
  7 pull requests submitted:
  - Merge pull request #2186 from w3c/tc-relatedorigins-tweaks (by agl)
    https://github.com/w3c/webauthn/pull/2201 
  - chore: Small tweak to PR template (by timcappalli)
    https://github.com/w3c/webauthn/pull/2200 
  - WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none  (by ve7jtb)
    https://github.com/w3c/webauthn/pull/2199 
  - Merge branch 'level3' into branch 'main' (by emlun)
    https://github.com/w3c/webauthn/pull/2197 [type:process] 
  - Make NOTEs non-normative (by emlun)
    https://github.com/w3c/webauthn/pull/2196 [type:editorial] 
  - Drop outdated "Issue 1" from spec (by emlun)
    https://github.com/w3c/webauthn/pull/2195 [type:editorial] 
  - Delete authenticatorDisplayName (by emlun)
    https://github.com/w3c/webauthn/pull/2194 [type:technical] [subtype:extensions] 

  3 pull requests received 6 new comments:
  - #2201 Merge pull request #2186 from w3c/tc-relatedorigins-tweaks (3 by agl, emlun, timcappalli)
    https://github.com/w3c/webauthn/pull/2201 
  - #2199 WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none  (1 by emlun)
    https://github.com/w3c/webauthn/pull/2199 
  - #2194 Delete authenticatorDisplayName (2 by emlun, timcappalli)
    https://github.com/w3c/webauthn/pull/2194 [type:technical] [subtype:extensions] 

  6 pull requests merged:
  - WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none 
    https://github.com/w3c/webauthn/pull/2199 
  - Drop outdated "Issue 1" from spec
    https://github.com/w3c/webauthn/pull/2195 [type:editorial] 
  - Delete authenticatorDisplayName
    https://github.com/w3c/webauthn/pull/2194 [type:technical] [subtype:extensions] 
  - Mozilla feedback: Related Origins
    https://github.com/w3c/webauthn/pull/2186 
  - Clarify use creating and verifying TPM attestation statements.  
    https://github.com/w3c/webauthn/pull/2193 [type:editorial] 
  - Move extension processing to after signature verification, and modernize it
    https://github.com/w3c/webauthn/pull/2167 [type:technical] [type:editorial] [subtype:rp-ops] [@Risk] 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webauthn


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 19 November 2024 17:00:40 UTC