Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / w3c/webauthn issues and pull requests
#2058 - Don't zero platform-authenticator AAGUIDs.
Pull Request -
State: closed - Opened by agl 5 months ago
- 4 comments
Labels: type:technical
#2052 - Adds timeSinceUv extension
Pull Request -
State: open - Opened by timcappalli 6 months ago
- 9 comments
Labels: stat:Blocked
#2047 - Help RP's understand actionable exceptions from `create()` and `get()`
Pull Request -
State: closed - Opened by MasterKale 6 months ago
- 8 comments
Labels: type:editorial
#2047 - Help RP's understand actionable exceptions from `create()` and `get()`
Pull Request -
State: closed - Opened by MasterKale 6 months ago
- 8 comments
Labels: type:editorial
#2045 - Editorial convention: Semantic line breaks
Issue -
State: closed - Opened by emlun 7 months ago
- 3 comments
Labels: type:editorial, type:process, @Risk
#2040 - adds Related Origin Requests
Pull Request -
State: closed - Opened by timcappalli 7 months ago
- 11 comments
#2038 - How to guarantee created resident key is actually received by RP in adverse networking conditions?
Issue -
State: closed - Opened by arianvp 7 months ago
- 7 comments
Labels: type:technical, type:editorial
#2034 - New Authenticator Extension: Time Since UV
Issue -
State: open - Opened by timcappalli 7 months ago
- 6 comments
Labels: type:technical, stat:Blocked
#2033 - Updated contributors with Tim & Anders
Pull Request -
State: closed - Opened by abergs 7 months ago
Labels: type:editorial
#2027 - Fix indentation of step to invoke authenticatorMakeCredential
Pull Request -
State: closed - Opened by emlun 8 months ago
Labels: type:editorial
#2026 - Defining new OIDs to facilitate WebAuthn interoperability with CMS
Issue -
State: closed - Opened by corrideat 8 months ago
- 2 comments
Labels: type:editorial, @Risk
#2025 - Invoking the authenticatorMakeCredential operation clarification
Issue -
State: closed - Opened by dimitribouniol 8 months ago
- 2 comments
Labels: type:editorial, stat:pr-open
#2024 - Make user.displayName optional?
Issue -
State: open - Opened by emlun 8 months ago
- 1 comment
Labels: type:technical
#2023 - Reflect caching of user verification in WebAuthn assertion
Issue -
State: open - Opened by rlin1 8 months ago
- 7 comments
Labels: type:technical, stat:Blocked
#2022 - Revised txAuthSimple extension
Issue -
State: open - Opened by rlin1 8 months ago
- 1 comment
Labels: type:technical
#2021 - Acceptable UV caching time affordance extension added
Pull Request -
State: open - Opened by rlin1 8 months ago
- 9 comments
Labels: stat:Blocked
#2020 - Improved version of extension for Transaction Confirmation
Pull Request -
State: open - Opened by rlin1 8 months ago
- 2 comments
Labels: type:technical
#2019 - Adding example of localhost as allowed host/origin
Pull Request -
State: closed - Opened by abergs 8 months ago
Labels: type:editorial
#2018 - Adding flexibility in client origin scheme validation to align with real world implementations
Pull Request -
State: closed - Opened by abergs 8 months ago
- 7 comments
Labels: type:technical
#2017 - Explicitly specify binary encoding for string truncation
Pull Request -
State: open - Opened by emlun 9 months ago
#2016 - Clarify usage of credentialRecord.transports
Issue -
State: open - Opened by jameshartig 9 months ago
- 5 comments
Labels: type:editorial
#2015 - Fix Bikeshed lint
Pull Request -
State: closed - Opened by emlun 9 months ago
Labels: type:editorial
#2014 - Fix references to reserved tokenBinding member
Pull Request -
State: closed - Opened by emlun 9 months ago
- 1 comment
Labels: type:editorial
#2013 - Refine JSON serialization to use UTF-8 encoding for `user.id` and `userHandle`
Issue -
State: closed - Opened by MasterKale 9 months ago
- 10 comments
Labels: type:technical
#2012 - Expand upon the definition of "unsigned extension outputs"
Pull Request -
State: closed - Opened by agl 9 months ago
Labels: type:editorial
#2011 - Mark SPK's `signatures` output as required.
Pull Request -
State: closed - Opened by agl 9 months ago
Labels: type:technical
#2010 - Conditional UI support by WebAuthn WebDriver Extension
Issue -
State: closed - Opened by ynojima 9 months ago
- 2 comments
Labels: stat:Discuss, subtype:FeatureProposal
#2009 - Correct capitalization on "Github"
Pull Request -
State: closed - Opened by MasterKale 10 months ago
Labels: type:editorial
#2008 - Update index.html
Pull Request -
State: closed - Opened by TylerJMorg 10 months ago
- 2 comments
#2007 - Consider replacing "Github" with "GitHub"
Issue -
State: closed - Opened by TylerJMorg 10 months ago
- 2 comments
Labels: type:editorial
#2006 - Cambios por abuso
Issue -
State: closed - Opened by JuanMahnjn 10 months ago
- 2 comments
Labels: type:editorial
#2005 - Disambiguate "this value" in authenticatorDisplayName description
Pull Request -
State: closed - Opened by emlun 10 months ago
Labels: type:editorial
#2004 - Reference CTAP 2.1 errata spec
Pull Request -
State: closed - Opened by selfissued 10 months ago
#2003 - Fix references to credential private key that should be credential source
Pull Request -
State: closed - Opened by emlun 10 months ago
Labels: type:editorial
#2002 - Wrong type of encrypted content specified for credentialId under "Credential Storage Modality" section
Issue -
State: closed - Opened by sylph01 10 months ago
- 1 comment
Labels: type:editorial, stat:pr-open
#2001 - Fix incorrect reference in Add Virtual Authenticator
Pull Request -
State: closed - Opened by emlun 10 months ago
Labels: type:technical, type:editorial, subtype:algorithms/WebIDL
#2000 - Clarify validation step for packed attestation certificate for RPs.
Pull Request -
State: closed - Opened by sbweeden 10 months ago
Labels: type:editorial
#1999 - Add backup flags to virtual authenticator
Pull Request -
State: closed - Opened by nsatragno 11 months ago
- 1 comment
Labels: type:technical
#1998 - How is an RP to know if a packed attestation root certificate is used for multiple authenticator models?
Issue -
State: closed - Opened by sbweeden 11 months ago
- 2 comments
Labels: type:technical
#1997 - Drop assertion-time attestation.
Pull Request -
State: closed - Opened by agl 11 months ago
- 3 comments
Labels: type:technical
#1996 - Resolve conflicts between spk (#1957) and PR #1970
Pull Request -
State: closed - Opened by emlun 11 months ago
- 1 comment
Labels: process:meta-pr
#1995 - Add credProps client processing step to set authenticatorDisplayName
Pull Request -
State: closed - Opened by emlun 11 months ago
Labels: type:technical, subtype:extensions, process:meta-pr
#1994 - rp.name, user.name and user.displayName length limit does not state binary encoding
Issue -
State: open - Opened by emlun 11 months ago
- 2 comments
Labels: type:technical, i18n-needs-resolution, stat:pr-open
#1993 - Inconsistent Passkey Authentication in Google Chrome
Issue -
State: closed - Opened by CyberCtzn 11 months ago
- 5 comments
Labels: type:technical
#1992 - Add note about typical autocomplete combos for conditional UI
Pull Request -
State: closed - Opened by MasterKale 11 months ago
- 7 comments
Labels: type:technical, type:editorial
#1991 - Don't define a [[preventSilentAccess]] internal method
Pull Request -
State: closed - Opened by emlun 11 months ago
Labels: type:editorial
#1990 - >
Issue -
State: closed - Opened by carlena3497 11 months ago
- 1 comment
#1989 - Deprecation warning for fido-u2f, apple, and android-safetynet?
Issue -
State: closed - Opened by vanbukin 12 months ago
- 6 comments
Labels: type:technical
#1988 - Allow use of credProps extension during auth
Pull Request -
State: closed - Opened by MasterKale 12 months ago
- 1 comment
#1987 - Virtual Authenticator API does not expose a way to set backup-eligible or backup-status flags
Issue -
State: closed - Opened by MasterKale 12 months ago
- 9 comments
Labels: type:technical
#1986 - Tweaks for bikeshed
Pull Request -
State: closed - Opened by plehegar 12 months ago
Labels: type:editorial
#1985 - [meta-PR] Retain both aaguid definitions
Pull Request -
State: closed - Opened by emlun 12 months ago
Labels: type:editorial, process:meta-pr
#1984 - create() and get() return an algorithm, not a credential
Issue -
State: open - Opened by emlun 12 months ago
- 1 comment
Labels: type:editorial
#1983 - Update GitHub Actions workflow
Pull Request -
State: closed - Opened by VoltrexKeyva 12 months ago
- 3 comments
Labels: process:meta-pr
#1982 - Spec is not specific enough about order of conditional UI autofill tokens
Issue -
State: closed - Opened by MasterKale 12 months ago
- 1 comment
Labels: type:editorial
#1981 - Remove [SameObject] attribute from PublicKeyCredential.authenticatorAttachment
Pull Request -
State: closed - Opened by emlun 12 months ago
Labels: type:technical, subtype:algorithms/WebIDL
#1980 - Ambiguous instructions in the Android Key Attestation Statement Format verification procedure
Issue -
State: closed - Opened by vanbukin about 1 year ago
- 8 comments
Labels: type:technical, @Risk
#1979 - Are notes in webauthn normative or informative?
Issue -
State: open - Opened by plehegar about 1 year ago
- 1 comment
Labels: type:editorial
#1976 - Provide a way for Web Extensions to hook into browser's Passkey autofill UI
Issue -
State: open - Opened by arianvp about 1 year ago
- 4 comments
Labels: stat:Discuss, subtype:FeatureProposal
#1972 - Make the default value for the attestation member in assertion options be null
Pull Request -
State: closed - Opened by Kieun about 1 year ago
- 4 comments
Labels: type:technical
#1971 - Highlight that filtering all pubKeyCredParams is an error.
Pull Request -
State: closed - Opened by agl about 1 year ago
Labels: type:editorial
#1970 - update and link to working AAGUID definition
Pull Request -
State: closed - Opened by nicksteele about 1 year ago
- 1 comment
#1968 - Extensions should specify partial dictionaries that modify AuthenticationExtensionsClient{Inputs, Outputs}JSON
Issue -
State: open - Opened by jschanck about 1 year ago
Labels: type:editorial, @Risk
#1967 - [Superset] Updating credential metadata and requesting deletion of stale credentials
Issue -
State: closed - Opened by timcappalli about 1 year ago
- 20 comments
Labels: type:technical, @Risk
#1965 - Code Injection vulnerability from client side
Issue -
State: closed - Opened by AdityaMitra5102 about 1 year ago
- 18 comments
Labels: type:technical
#1964 - Further clarification of Unsigned Extension Outputs
Issue -
State: closed - Opened by bobknowscode about 1 year ago
- 1 comment
Labels: type:editorial
#1962 - Should credentials requested with attestation=none include an AAGUID?
Issue -
State: open - Opened by pascoej about 1 year ago
- 7 comments
Labels: type:technical, type:editorial, @Risk
#1958 - PublicKeyCredentialJSON is an invalid WebIDL construct
Issue -
State: closed - Opened by petervanderbeken about 1 year ago
- 3 comments
Labels: type:technical
#1957 - devicePubKey → supplementalPubKeys
Pull Request -
State: closed - Opened by agl about 1 year ago
- 16 comments
Labels: type:technical
#1956 - [[preventSilentAccess]] seems incorrect
Issue -
State: closed - Opened by emlun about 1 year ago
- 2 comments
Labels: type:editorial, stat:pr-open
#1954 - Enterprise packed attestation guidance
Pull Request -
State: closed - Opened by dwaite about 1 year ago
- 10 comments
Labels: type:editorial, @Risk
#1953 - Add packed attestation optional firmware version attribute
Pull Request -
State: open - Opened by dwaite about 1 year ago
- 16 comments
Labels: type:technical, type:editorial
#1952 - Describe firmware OID usage in packed attestation
Issue -
State: open - Opened by dwaite about 1 year ago
Labels: type:technical, stat:pr-open
#1952 - Describe firmware OID usage in packed attestation
Issue -
State: open - Opened by dwaite about 1 year ago
Labels: type:technical
#1951 - Initial text for conditional create
Pull Request -
State: closed - Opened by pascoej about 1 year ago
- 10 comments
Labels: type:technical, type:editorial
#1950 - Add `compound` attestation format
Pull Request -
State: closed - Opened by timcappalli about 1 year ago
- 4 comments
Labels: type:technical, @Risk
#1945 - Add importCryptoKey input to PRF extension
Pull Request -
State: closed - Opened by emlun about 1 year ago
- 8 comments
Labels: type:technical, subtype:extensions, @Risk
#1942 - make username fields optional (do not delete them, but do not force their usage, either, which is hostile against usernameless services)
Issue -
State: closed - Opened by r-jo about 1 year ago
- 16 comments
Labels: type:technical
#1941 - The default value of `attestation` member in `PublicKeyCredentialRequestOptions` should be null or must not have default value
Issue -
State: closed - Opened by Kieun about 1 year ago
- 5 comments
Labels: type:technical, stat:pr-open
#1937 - Remove isPPAA() and expand getClientCapabilities()
Issue -
State: closed - Opened by timcappalli about 1 year ago
- 2 comments
Labels: type:technical, stat:pr-open
#1933 - Indicate that the credential could be backed up and restored, but not synchronized
Issue -
State: closed - Opened by Kieun about 1 year ago
- 7 comments
Labels: type:technical
#1931 - Update Authenticator Definition
Pull Request -
State: closed - Opened by nicksteele about 1 year ago
- 2 comments
Labels: type:editorial
#1929 - Non-modal registration during conditional assertion
Issue -
State: open - Opened by pascoej about 1 year ago
- 12 comments
Labels: stat:Discuss, stat:pr-open, subtype:FeatureProposal, @Risk
#1926 - Clarify TPM attestation verification instructions
Pull Request -
State: closed - Opened by sbweeden about 1 year ago
- 4 comments
Labels: type:technical, @Risk
#1925 - TPM attestation verification steps inconsistent with FIDO conformance testing tool
Issue -
State: closed - Opened by sbweeden about 1 year ago
- 11 comments
Labels: type:technical, stat:pr-open, @Risk
#1923 - Add new getClientCapabilities method
Pull Request -
State: closed - Opened by timcappalli about 1 year ago
- 29 comments
Labels: type:technical, privacy-tracker
#1921 - Adding some sentences to describe credential sharing between multiple users
Issue -
State: open - Opened by Kieun about 1 year ago
- 7 comments
Labels: type:editorial, @Risk
#1917 - Allow desired attestation format to be an ordered list
Issue -
State: closed - Opened by sbweeden about 1 year ago
- 3 comments
Labels: type:technical
#1916 - Describe packed enterprise attestation
Issue -
State: open - Opened by dwaite about 1 year ago
Labels: type:technical
#1916 - Describe packed enterprise attestation
Issue -
State: closed - Opened by dwaite about 1 year ago
Labels: type:technical, stat:pr-open
#1915 - username and display name should not be mandatory (rp, challange either) and OS UX should be simplified if not present
Issue -
State: closed - Opened by r-jo about 1 year ago
- 22 comments
Labels: stat:Discuss, subtype:FeatureProposal
#1913 - Misaligned steps in Section 7.2
Issue -
State: open - Opened by ndpar over 1 year ago
- 4 comments
Labels: type:editorial
#1912 - Update Authenticator Taxonomy examples section
Issue -
State: open - Opened by timcappalli over 1 year ago
Labels: type:editorial
#1912 - Update Authenticator Taxonomy examples section
Issue -
State: open - Opened by timcappalli over 1 year ago
Labels: type:editorial
#1895 - Proposal/discussion: non-extractable CryptoKey output from the prf extension
Issue -
State: closed - Opened by stephen over 1 year ago
- 8 comments
Labels: stat:Discuss, subtype:FeatureProposal, @Risk
#1888 - Clarify browser behavior when an authenticators return equivalent of "InvalidStateError"
Issue -
State: closed - Opened by arnar over 1 year ago
- 8 comments
Labels: type:editorial, @Risk
#1880 - Add authenticatorDisplayName to credProps
Pull Request -
State: closed - Opened by emlun over 1 year ago
- 23 comments
Labels: stat:Discuss, subtype:extensions, subtype:FeatureProposal, @Risk
#1859 - Clarify how to differentiate between exceptions
Issue -
State: closed - Opened by dolda2000 over 1 year ago
- 11 comments
Labels: type:editorial, @Risk
#1857 - Always PRF enabled:false
Issue -
State: closed - Opened by kksingla over 1 year ago
- 7 comments
#1855 - Recommend duration of challenge validity
Pull Request -
State: closed - Opened by emlun over 1 year ago
- 5 comments
Labels: type:editorial