PR Request for Web Authentication: An API for accessing Public Key Credentials Level 2 #315
Assignees
Labels
Awaiting Publication
Approved by the Director, waiting on publication
Entering PR
Proposed Recommendation
Comments
YubicoDemo
added
[DO NOT USE] Awaiting Director
YubicoDemo
changed the title
YubicoDemo
changed the title
YubicoDemo
changed the title
|
We will produce a Diff after our meeting tomorrow 17 02 2021 |
wseltzer
removed
the
[DO NOT USE] Awaiting Director
wseltzer
added
the
[DO NOT USE] Awaiting Director
|
(waiting on final ack from horizontal groups) |
|
APA closed their issue: https://www.w3.org/2021/02/24-apa-minutes.html#t05 |
|
i18n closed their issue: https://lists.w3.org/Archives/Member/member-i18n-core/2021Feb/0012.html |
|
The cited staged version is missing the added section 15 Accessibility Considerations. (I note that the implementation report actually includes more than 2 browser engines.) Once this is fixed, transition to Proposed Rec is approved. |
swickr
added
Awaiting Team Contact
and removed
[DO NOT USE] Awaiting Director
|
Thank you @swickr. Now corrected at https://www.w3.org/TR/2021/PR-webauthn-2-20210225/ |
wseltzer
added
Awaiting Publication
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Document title, URLs, estimated publication date
Web Authentication: An API for Accessing Public Key Credentials Level 2
https://www.w3.org/TR/webauthn-2/
Estimated pub-date: 19 02 2021
Staged: https://www.w3.org/TR/2021/PR-webauthn-2-20210225/
Abstract
This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Conceptually, one or more public key credentials, each scoped to a given WebAuthn Relying Party, are created by and bound to authenticators as requested by the web application. The user agent mediates access to authenticators and their public key credentials in order to preserve user privacy. Authenticators are responsible for ensuring that no operation is performed without user consent. Authenticators provide cryptographic proof of their properties to Relying Parties via attestation. This specification also describes the functional model for WebAuthn conformant authenticators, including their signature and attestation functionality.
Status
CR
Link to group's decision to request transition
https://www.w3.org/2021/01/27-webauthn-minutes.html
Changes
since CR, all editorial:
https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fwww.w3.org%2FTR%2Fwebauthn-2%2F&doc2=https%3A%2F%2Fw3c.github.io%2Fwebauthn%2F
Requirements satisfied
Yes
Wide Review
Web Payments WG
“The Web Authentication WG and the Web Payments WG launched a joint task force in October 2019 to help ensure that payments use cases can be addressed by Web Authentication. Although this collaboration has not involved formal review of Web Authentication Level 2, it has involved usage of the specification and led to a number of feature proposals, including:
improve the user experience. This work is motivated in particular by regulatory requirements in Europe (PSD2) involving both strong customer authentication (SCA) and transaction confirmation (“dynamic linking”).
In short, the Web Payments Working Group is an active consumer of Web Authentication and has engaged payments industry stakeholders around the adoption of Web Authentication."
PING
issues addressed
Security
Security Review Request for WebAuthn Level 2 (Monday, 19 October) -- no issues
i18n
Review Requested and Editorial issues filed
APA WG
Accessibility Review Request for WebAuthn Level 2 (Monday, 19 October)
Issues addressed
Editorial issues will move to Level 3
Formal Objections
None
Implementation
Two Browser implementations: Chrome and Edge
Implementation report (from WPT tests: https://www.w3.org/2020/12/webauthn-report.html )
Patent disclosures
None
February 20 2021: Last day of the 60 day exclusion opportunity that began from Candidate Recommendation
The text was updated successfully, but these errors were encountered: