- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Wed, 27 Nov 2024 10:48:48 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by emlun to https://github.com/w3c/webauthn: * No credentials or referrer for RoR well-known by Tim Cappalli https://github.com/w3c/webauthn/commit/875486f36312ffe907c25ba8b9ad520aad94c59e * require HTTPS scheme for all well-known calls and redirects by Tim Cappalli https://github.com/w3c/webauthn/commit/241833d9b964e4b4c5b1a82e04d23d9ae9038d77 * Clarified signing and verification procedures for TPM attestation by Monty Wiseman https://github.com/w3c/webauthn/commit/8d690aa48c5dd5ed23de4724aa8a302e6ae9a4de * Minor formatting fixes by Monty Wiseman https://github.com/w3c/webauthn/commit/e51255db9de99e86544b02771940b7b471a7c3f7 * Add note that qualifiedSigner, clockInfo, and firmwareVersion may be obfuscated. by Monty Wiseman https://github.com/w3c/webauthn/commit/4d5c9ea96b0a81692436b9f535a4d2f2d0420ffc * Change verify to check sig of certInfo before processing it by Monty Wiseman https://github.com/w3c/webauthn/commit/73435ba83e68f4d669c52beeff2db69d168203d1 * Disallow HardwareModuleName in attestation certificate's SAN. Update referece to EK-Profile to current version. by Monty Wiseman https://github.com/w3c/webauthn/commit/96e5e072fa1cfcf22fcaca25af3a5997b2f06460 * Correct spelling by Monty Wiseman https://github.com/w3c/webauthn/commit/1314870b7b60a00ceee1a1f3598c3b8085b7d70c * Merge branch 'w3c:main' into main by Monty Wiseman https://github.com/w3c/webauthn/commit/21d38c0acecbf5fc4e608e379e07b71999793321 * Delete authenticatorDisplayName by Emil Lundberg https://github.com/w3c/webauthn/commit/26ae8150418cbfc2b9c48042d9607d8bf4b6d64a * Drop outdated "Issue 1" from spec This issue was originally added in commit 931b46eece69f5d780ce4b317e3a377a3a67f85c in 2017. The referenced discussion seems to have stalled shortly thereafter, so this issue is most likely no longer relevant. by Emil Lundberg https://github.com/w3c/webauthn/commit/e2923ba1e40d3a8a82a04685dbde14e9acc37be4 * Further clarification of nameAlg in TPMS_CERTIFY_INFO structure and PublicArea by Monty Wiseman https://github.com/w3c/webauthn/commit/9618b97762365855aa2d52e1992a1ab66cc1f8dc * Revert extending credProps to apply to authentication ceremonies This reverts commits 76e88e1d80947284a422894fe81d686f478ed67b and 2472df637429f96be24dcb361df087c1cbaa50bb. by Emil Lundberg https://github.com/w3c/webauthn/commit/1ef1781f943af27deb2491180e0ab5e3d3c09eb4 * Restore note that only one credential property is defined by Emil Lundberg https://github.com/w3c/webauthn/commit/9ac5dad2ef0b3cf8cac29b06996a257b0c6b78a6 * Fix undefined reference to client-side discoverable credential property by Emil Lundberg https://github.com/w3c/webauthn/commit/92ccb542574e532ad33a4d2e0913224599b91251 * Merge pull request #2193 from mwiseman-byid/main Clarify use creating and verifying TPM attestation statements. by Shane Weeden https://github.com/w3c/webauthn/commit/0633494704a6319cdfd7b03fb8ff782e01e5b481 * Merge pull request #2186 from w3c/tc-relatedorigins-tweaks Mozilla feedback: Related Origins by Tim Cappalli https://github.com/w3c/webauthn/commit/b287006438e4522132b0b6419ace3818d914f984 * Merge pull request #2194 from w3c/issue-2187-drop-credentialRecord-authenticatorDisplayName Delete authenticatorDisplayName by Emil Lundberg https://github.com/w3c/webauthn/commit/fd53e2c3d890118f7dd022a143927b815073f441 * Merge pull request #2195 from w3c/stalled-spec-issue-1 Drop outdated "Issue 1" from spec by Michael B. Jones https://github.com/w3c/webauthn/commit/814e03a24c87b89e3500758370f572038ff9a10f * Update index.bs Allow the passing of the aaguid for all Authenticators, not just the platform ones. by John Bradley https://github.com/w3c/webauthn/commit/5d74429fba21da5c194489e7d74c14efc220b7cf * Small tweak to PR template Adds missing close paren by Tim Cappalli https://github.com/w3c/webauthn/commit/0bf6ddb51db0e4293c857b54bcfef7b7781370b9 * Merge pull request #2199 from w3c/ve7jtb-Fix-2198-WebAuthn-Clients-should-NOT-zero-out-AAGUIDs-from-security-keys-when-attestation-is-none- WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none by Emil Lundberg https://github.com/w3c/webauthn/commit/654d38406a07133d2788a316f4f590a40578159b * Merge pull request #2200 from w3c/timcappalli-patch-1 chore: Small tweak to PR template by Tim Cappalli https://github.com/w3c/webauthn/commit/e2987a9e30186cf588ad262a904b535b896aaaee * Merge pull request #2197 from w3c/level3 Merge branch 'level3' into branch 'main' by Emil Lundberg https://github.com/w3c/webauthn/commit/3bba180028005ff7cbb60ae4cff6330dde0398a0 * Merge branch 'main' into issue-1979-notes by Emil Lundberg https://github.com/w3c/webauthn/commit/e1428eee68bf3cae8cb485267a114f1824c8d962 -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 27 November 2024 10:48:49 UTC