Skip to content

Commit

Permalink
Fix @annevk's and @equalsJeffH's comments.
Browse files Browse the repository at this point in the history
  • Loading branch information
@jyasskin
jyasskin committed Feb 24, 2017
1 parent f79f822 commit c403edc
Showing 1 changed file with 22 additions and 10 deletions.
32 changes: 22 additions & 10 deletions index.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,10 @@ spec: HTML52; urlPrefix: https://w3c.github.io/html/
type: interface
text: Navigator

spec: TokenBinding; urlPrefix: https://tools.ietf.org/html/draft-ietf-tokbind-protocol-13#
type: dfn
text: Token Binding ID; url: section-3.2

spec: WebCryptoAPI; urlPrefix: https://www.w3.org/TR/WebCryptoAPI/
type: dfn
text: normalizing an algorithm; url: dfn-normalize-an-algorithm
Expand Down Expand Up @@ -166,7 +170,8 @@ or a combination of both.

## Dependencies ## {#dependencies}

This specification relies on several other underlying specifications.
This specification relies on several other underlying specifications, listed
below and in [[#index-defined-elsewhere]].

: Base64url encoding
:: The term <dfn>Base64url Encoding</dfn> refers to the base64 encoding using the URL- and filename-safe character set defined
Expand Down Expand Up @@ -471,14 +476,14 @@ When this method is invoked, the user agent MUST execute the following algorithm
Issue: We need *some* constraints on the possible hash algorithms, or
else sites will fail on unusual UAs.
: {{tokenBinding}}
:: The token binding key associated with |callerOrigin| (if any)
:: The [=Token Binding ID=] associated with |callerOrigin| (if any)

Issue: We need a definition of token binding.
Issue(w3c/webauthn#360): make sure this association was set up properly.
: {{ClientData/extensions}}
:: <code>{{options}}.{{ScopedCredentialOptions/extensions}}</code>
:: |clientExtensions|

1. Let |clientDataJSON| be the UTF-8 encoding of the result of calling the
original value of {{JSON/stringify|JSON.stringify}} on |clientData|.
1. Let |clientDataJSON| be the [=UTF-8 encoding=] of the result of calling the
initial value of {{JSON/stringify|JSON.stringify}} on |clientData|.

Issue: Some extensions contain ArrayBuffers, which don't stringify well.
What's the intent here?
Expand All @@ -496,7 +501,7 @@ When this method is invoked, the user agent MUST execute the following algorithm
1. [=set/For each=] |authenticator| in |currentlyAvailableAuthenticators|:
1. Let |excludeList| be a new [=list=].
1. [=list/For each=] credential |C| in <code>{{options}}.{{ScopedCredentialOptions/excludeList}}</code>:
1. If |C| has an empty {{transports}} list, [=list/append=] it to
1. If |C| has an empty {{transports}} list, [=list/append=] |C| to
|excludeList| and [=continue=].
1. If |authenticator| is connected over a transport not mentioned in
<code>|C|.{{transports}}</code>, the client MAY [=continue=].
Expand All @@ -510,12 +515,11 @@ When this method is invoked, the user agent MUST execute the following algorithm
1. [=set/Append=] |authenticator| to |issuedRequests|.

1. Let |promise| be [=a new promise=]. Return |promise| and start a timer for |adjustedTimeout| milliseconds.
Then execute the following steps [=in parallel=]. If any fatal error is encountered in this process other than the
Then execute the following steps [=in parallel=]. If any fatal error is encountered in this algorithm other than the
ones enumerated below, cancel the timer, [=reject=] |promise| with a DOMException whose name is "{{UnknownError}}", and terminate
this algorithm.

Issue: Should "process" be "algorithm", or does it actually mean an OS
process? What kinds of fatal errors are you worried about? I suggest we just
Issue: What kinds of fatal errors are you worried about? I suggest we just
remove that sentence.

1. While |issuedRequests| is not empty, perform the following actions depending upon the |adjustedTimeout| timer and responses
Expand Down Expand Up @@ -3021,6 +3025,14 @@ Brad Hill, Jing Jin, Anne van Kesteren, Giridhar Mandyam, Axel Nennker, Yaron Sh
"href": "https://tools.ietf.org/html/draft-greevenbosch-appsawg-cbor-cddl",
"status": "Internet Draft (work in progress)",
"date": "21 September 2016"
},

"TokenBinding": {
"authors": ["A. Popov", "M. Nystroem", "D. Balfanz", "A. Langley", "J. Hodges"],
"title": "The Token Binding Protocol Version 1.0",
"href": "https://tools.ietf.org/html/draft-ietf-tokbind-protocol-13",
"status": "Internet-Draft",
"date": "February 16, 2017"
}
}
</pre>

0 comments on commit c403edc

Please sign in to comment.