Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 28 million developers.Sign up
Web Authentication Working Draft rev 7 (WD-07) is officially published here: https://www.w3.org/TR/2017/WD-webauthn-20171205/
NOTE: the latest official WebAuthn spec release is always available here: https://www.w3.org/TR/webauthn/ (so this presently yields WD-07)
Please also note that this spec is a Working DRAFT and will change, possibly in "breaking" ways.
WebAuthn WD-07 features many changes from the prior version, here's a selected list (for details, see the diffs linked-to below):
Updated terminology to match and leverage the Credential Management spec.
Updated [[Create]] and [[DiscoverFromExternalSource]] internal methods to match arguments with those supplied by Credential Management. Note: Credman PR w3c/webappsec-credential-management#100 is related and not completed at this time.
- Explicitly facilitate roaming/external authenticator "hot-plugging" during registration and authentication operations.
- Further refined RP ID handling.
- added a type field to CollectedClientData to avoid potential signature confusion issues.
- added abort signal processing.
- added notion of "effective user verification requirement for assertion"
- added notion of RP-asserted "Attestation Conveyance Preference".
- added "user handle" notion. The "user handle" is "plumbed-through" from the RP, to the authenticator, and back to the RP. This is useful for some RP use cases.
- Facilitate discovery of "Availability of User-Verifying Platform Authenticators". This is useful for some RP use cases.
authenticator operations clarifications/polishing
- added or refined various features to match those listed above, e.g., requiring resident private key, user presence test, and user verification requirement.
- added detailed signature counter considerations.
Clarified attestation object generation.
Refined relying party operations.
Daisydiff-style rendered HTML "inline" Diff: http://kingsmountain.com/doc/diff/diff-webauthn-WD-07--from--WD-06.html
kdiff3-style PDF side-by-side text-only Diff: http://kingsmountain.com/doc/diff/diff-webauthn-WD-07--from--WD-06.pdf
WD-07 Release Page at github: https://github.com/w3c/webauthn/releases/tag/WD-07-20171205