public-webauthn@w3.org from October 2025 by subject

10/01/2025 W3C Web Authentication Meeting Agenda

10/08/2025 W3C Web Authentication Meeting Agenda

10/22/2025 W3C Web Authentication Meeting Agenda

10/29/2025 W3C Web Authentication Meeting Agenda

[w3c/webauthn]

[w3c/webauthn] 06672f: Recode test vectors to omit base64url padding

[w3c/webauthn] 06d2f7: chore: Adds a CSpell configuration (#2353)

[w3c/webauthn] 27439f: Merge pull request #2348 from w3c/nsatragno-patch-1

[w3c/webauthn] 2aaadc: Update .cspell/names.txt

[w3c/webauthn] 5c1b16: chore: Adds a CSpell configuration (#2353)

[w3c/webauthn] 64c16e: Merge pull request #2356 from w3c/fold-l3-change-h...

[w3c/webauthn] 7fa9be: Fix typo

[w3c/webauthn] 80d6e2: Merge pull request #2354 from w3c/tc-typos

[w3c/webauthn] 8e4f54: Adds addt'l recs for getCC privacy considerations

[w3c/webauthn] 952ac4: Rename extra_client_data to extraData_random in te...

[w3c/webauthn] aa2217: typos

[w3c/webauthn] b87ce1: Merge pull request #2346 from w3c/test-vectors-ext...

[w3c/webauthn] c9660b: add cspell config and dicts

[w3c/webauthn] d1f88c: Include base64url encoding of extra_client_data in...

[w3c/webauthn] d392f2: Fold changes since L3WD2 into changes since L2

[webauthn] 16.2. ES256 Credential with No Attestation test vector misses extraData content (#2345)

[webauthn] [L3 CR] Horizontal Review: Security & Privacy (#2244)

[webauthn] [L3 CR] Transition Request Draft (#2355)

[webauthn] [WIP] Add `requestUserInfo` (#2358)

[webauthn] Add Credential Manager Trust Group Key (CMTG) extension (#2338)

[webauthn] Add Relationship Public Key (RPK) (#2338)

[webauthn] Add Signal API (#2093)

[webauthn] Additional privacy recommendations for getClientCapabilities (#2357)

[webauthn] Allow immediate mediation (#2228)

[webauthn] Closed Pull Request: Create SECURITY.md for security policy

[webauthn] Consider RP ID migration use cases (#2350)

[webauthn] Discovery of migrated credentials (#2340)

[webauthn] document and mitigate fingerprinting and disclosure risk of capabilities and extensions (#2320)

[webauthn] FallbackURLextension to support Hybrid Cross device Passkeys not found use cases (#2341)

[webauthn] Feature Request: disableAutoSelect for PublicKeyCredentialRequestOptions (#2335)

[webauthn] Feature: Allow RP to opt out of certain transports (#2349)

[webauthn] Fold changes since L3WD2 into changes since L2 (#2356)

[webauthn] Hybrid transport opt-out and ability for verifiable proof (#2349)

[webauthn] Malware (#2343)

[webauthn] Mechanism for encoding *direction* metadata may need more work (#1644)

[webauthn] Merged Pull Request: chore: Adds a CSpell configuration

[webauthn] Merged Pull Request: Fix typo

[webauthn] Merged Pull Request: Fixes some typos

[webauthn] Merged Pull Request: Fold changes since L3WD2 into changes since L2

[webauthn] Merged Pull Request: Include base64url encoding of extra_client_data in test vectors; regenerate without b64 padding

[webauthn] naming of hints is confusing (#2322)

[webauthn] Need to have authenticator-only extensions (#2331)

[webauthn] new commits pushed by emlun

[webauthn] new commits pushed by github-actions[bot]

[webauthn] new commits pushed by nsatragno

[webauthn] new commits pushed by timcappalli

[webauthn] Numbering in the step needs update in 7.1. Registering a New Credential (#2030)

[webauthn] Prepare for CR (#2225)

[webauthn] privacy implications of cross-origin iframe (#2321)

[webauthn] Pull Request: [WIP] Add `requestUserInfo`

[webauthn] Pull Request: Additional privacy recommendations for getClientCapabilities

[webauthn] Pull Request: chore: Adds a CSpell configuration

[webauthn] Pull Request: Create SECURITY.md for security policy

[webauthn] Pull Request: Fix typo

[webauthn] Pull Request: Fixes some typos

[webauthn] Pull Request: Fold changes since L3WD2 into changes since L2

[webauthn] Pull Request: Include base64url encoding of extra_client_data in test vectors

[webauthn] Re-Open "confirmation" discussion (see PR#2020) (#2352)

[webauthn] Same PRF regardless of UV? (#2337)

[webauthn] Spec doesn't build with bikeshed 5.0.3 or higher (#2351)

[webauthn] thalinda (#2347)

[webauthn] Trailing position of metadata (#1646)

[webauthn] Unicode "tag" characters are deprecated for language tagging (#1642)

[webauthn] Update: COSE elliptic curve signatures 'in the wild' from small RustyKey® alpha-test user base (#2339)

[webauthn] Use of in-field metadata not preferred (#1643)

[webauthn] user verification discouraged should consider privacy impact or UA advice (#2323)

[webauthn] WebAuthn account creation API (#2336)

[webauthn] WebAuthn requestUserInfo -- easier account creation (#2336)

[webauthn] WebAuthn requirePlatformBackupEligibleCredential (#2342)

Closed: [webauthn] 16.2. ES256 Credential with No Attestation test vector misses extraData content (#2345)

Closed: [webauthn] [L3 CR] Horizontal Review: Security & Privacy (#2244)

Closed: [webauthn] Feature Request: disableAutoSelect for PublicKeyCredentialRequestOptions (#2335)

Closed: [webauthn] Malware (#2343)

Closed: [webauthn] Merge changes since L3WD2 into changes since L2 (#2302)

Closed: [webauthn] naming of hints is confusing (#2322)

Closed: [webauthn] Spec doesn't build with bikeshed 5.0.3 or higher (#2351)

Closed: [webauthn] thalinda (#2347)

Closed: [webauthn] WebAuthn requirePlatformBackupEligibleCredential (#2342)

Event Canceled: Web Authentication weekly

Event Updated: Web Authentication weekly

Weekly github digest (WebAuthn)

Last message date: Friday, 31 October 2025 21:33:54 UTC