-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
undefined terms and terms we really ought to define #462
Comments
added to OP yesterday: AAGUID authenticator session extension data identifier of the credential supported extensions user account webauthn webauthn operations |
added to the list in the OP: attestation statement |
removed from list in the OP: attestation statement -- we do have a dfn (d'oh!): https://w3c.github.io/webauthn/#attestation-statement |
added to list in the OP:
local configuration knowledge |
added to list in the OP:
|
added to list in the OP: cross-platform transport protocols
|
added to list in the OP: signature |
added to list in the OP: external authenticator (to be defined in conjunction with roaming authnr) |
As discussed on the call, the issue wouldn't change API names. Taking out the renaming flag. |
added "first factor" to OP |
added to list in the OP: assertion cloned authenticator authenticator protection measures trust path |
added to list in the OP: user's account user handle |
added to list in the OP: owning authenticator |
added to list in the OP: blinding |
added to list in the OP: client-side see also issue #833 |
added to list in the OP:
WebAuthn client |
added to list in the OP: LDH Labels (perhaps just make that single-occurrance term a link to https://tools.ietf.org/html/rfc5890#section-2.3.1) |
added to list in the OP:
|
added to OP: |
Ticked items:
|
added to OP: |
Added to OP:
|
Added to OP:
See #1162 |
updated the section on "Credential" to be:
Note: residentKey is currently used in WebIDL (so we're likely stuck with it) and as a variable name in algorithms. It is synonymous with Client-side-resident Public Key Credential Source / resident credential. |
added to OP:
|
Punting this onward to L2-WD-02.... |
Checked off:
|
Removed "blinding" from OP as the search term "blind" now produces 0 hits in the editor's draft. |
The below terms are formally undefined and we should consider defining them (and linking their occurrences to their dfn. Be sure to see also issue #358 -- there is overlap between this issue and that one.
Add to, or remove from, this list by updating this original post (OP):
attesting authority (aka authenticator vendor (which could be a (client) platform vendor))
attestation trust model (presently we discuss "trust model" in terms of attestation types, but do not define the latter term)
AAGUID
assertion
authenticator-related terms:
external authenticator (to be defined in conjunction with roaming authnr)
CREDENTIAL:
Note: residentKey is currently used in WebIDL (so we're likely stuck with it) and as a variable name in algorithms. It is synonymous with Client-side-resident Public Key Credential Source / resident credential.
cross-platform transport protocols
extension data
first-factor
identifier of the credential
LDH Labels (perhaps just make that single-occurrance term a link to https://tools.ietf.org/html/rfc5890#section-2.3.1)
local configuration knowledge
scope, as in:
SCRIPT:
see also issue adopt consistent terms for RP server-side and client-side components #80
signature
define as "digital signature" ?
signature counter
supported extensions
trust path
user/account
OS level user ID
The text was updated successfully, but these errors were encountered: