6719e05

device-bound Public Key pair extension

equalsJeffH Apr 16, 2021

4a6b8fe

further hacking...

equalsJeffH Apr 21, 2021

5d1662d

nearly complete tho likely needs to be re-worked to include attestati…

equalsJeffH Apr 28, 2021

1622df2

add 'device-bound key'

equalsJeffH Apr 30, 2021

5e684aa

in-progress updates...

equalsJeffH May 6, 2021

71afdbe

further in-progress updates...

equalsJeffH May 6, 2021

8040d13

further in-progress updates...

equalsJeffH May 7, 2021

38131e6

Merge branch 'main' into jeffh-fix-1546-second-key-extension

equalsJeffH May 7, 2021

ad71ff1

devicePublicKey extension section functionally complete

equalsJeffH May 7, 2021

094d385

further edits...

equalsJeffH May 7, 2021

e66eb2d

cleanup trailing whitespace...

equalsJeffH May 7, 2021

618b2de

Device-bound public key ProVerif model

equalsJeffH Jun 9, 2021

1e97952

who-signs-what musings...

equalsJeffH Jun 9, 2021

8f0d66d

editorial polishing

equalsJeffH Jun 14, 2021

43e03c8

editorial polishing

equalsJeffH Jun 15, 2021

503a027

major reorg & clarifications

equalsJeffH Jun 16, 2021

87340d7

further reorg & polish

equalsJeffH Jun 17, 2021

cbb066f

proverif model cleanup

equalsJeffH Jun 18, 2021

1e72a00

remove unused 'cert'

equalsJeffH Jun 18, 2021

99a6b79

revise/correct objects hierarchy

equalsJeffH Jun 19, 2021

e9db523

clarifications

equalsJeffH Jun 21, 2021

68ebaa2

clarifications

equalsJeffH Jun 21, 2021

8b5702c

clarifications

equalsJeffH Jun 21, 2021

da82c2e

switch model starting-point to webauthn-basic.pv

equalsJeffH Jun 21, 2021

f84069b

clarifications

equalsJeffH Jun 22, 2021

f6663cb

clarifications to both DPK stuff and PV model

equalsJeffH Jun 22, 2021

22e325d

revise model significantly

equalsJeffH Jun 24, 2021

a3ed05b

further clarifications and musings

equalsJeffH Jun 25, 2021

6382444

editorial

equalsJeffH Jun 25, 2021

768d900

revised dpk syntax per agl review

equalsJeffH Jun 26, 2021

fd9ea00

further refined dpk syntax per feedback

equalsJeffH Jun 28, 2021

a34b489

select the more simple AttObjForDevicePublicKey

equalsJeffH Jun 30, 2021

2832b5e

begin reworking devicePubKey extension

equalsJeffH Jul 1, 2021

e47c5f8

editorial

equalsJeffH Jul 1, 2021

75c8f25

device-bound-key-pair.pv -> device-bound-key-pair.txt

equalsJeffH Jul 1, 2021

4515d63

add separate webauthn.pv file

equalsJeffH Jul 1, 2021

c208e19

editorial

equalsJeffH Jul 1, 2021

591cded

Merge branch 'main' into jeffh-fix-1546-second-key-extension

equalsJeffH Jul 1, 2021

59260f0

Merge branch 'main' into jeffh-fix-1546-second-key-extension

equalsJeffH Jul 1, 2021

c3487a2

fix attSecretKey in pv model

equalsJeffH Jul 2, 2021

0e8d3b3

add README.pv.md file

equalsJeffH Jul 2, 2021

6b216db

editorial cleanups

equalsJeffH Jul 2, 2021

25b07e6

processUser -> processClientAndAuthnr

equalsJeffH Jul 5, 2021

2da4504

define formal RegRequestMsg

equalsJeffH Jul 5, 2021

f943bbc

editorial

equalsJeffH Jul 5, 2021

e23ccfe

attPublicKey is public

equalsJeffH Jul 5, 2021

7a1e2ee

WIP: refine attestation object construction

equalsJeffH Jul 7, 2021

8a420eb

WIP: attObject parsing

equalsJeffH Jul 7, 2021

d2b529b

WIP: add Extensions.

equalsJeffH Jul 7, 2021

666718a

editorial

equalsJeffH Jul 7, 2021

f9e861c

COMPLETED: refine attestation object construction

equalsJeffH Jul 8, 2021

e1a4383

refine events

equalsJeffH Jul 8, 2021

9182fa1

editorial

equalsJeffH Jul 8, 2021

89e2660

editorial

equalsJeffH Jul 9, 2021

54eb767

more meaningful query wrt response msg.

equalsJeffH Jul 20, 2021

f6fcee8

add: set traceDisplay long

equalsJeffH Aug 13, 2021

1747dff

fix var rebindings, trim queries

equalsJeffH Aug 14, 2021

12ec079

update README.pv.md

equalsJeffH Aug 14, 2021

59f2909

edit README.pv.md

equalsJeffH Aug 14, 2021

8b4d51c

rename server name, plus other clieanups

equalsJeffH Aug 15, 2021

c5f3b2d

edit README.pv.md

equalsJeffH Aug 15, 2021

4ebd028

remove pv files from this branch

equalsJeffH Aug 17, 2021

4f18790

Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension

equalsJeffH Aug 17, 2021

66e67bd

update Device-bound public key extension

equalsJeffH Aug 17, 2021

9ac274a

work in progress

equalsJeffH Aug 20, 2021

fcc6a68

finish Notes -- nominally complete for Draft PR

equalsJeffH Aug 21, 2021

73cc7ff

Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension

equalsJeffH Aug 21, 2021

7c5393c

untraced device-bound-key-pair.txt

equalsJeffH Aug 21, 2021

3d16662

context is now scope

equalsJeffH Nov 12, 2021

aee534c

do binary equality checks

equalsJeffH Nov 12, 2021

7c3e2e8

Apply suggestions from emlun's code review, thanks!

equalsJeffH Nov 12, 2021

90593b9

fixes inspired by emlun's review

equalsJeffH Nov 12, 2021

d0bef33

apply and merge emlun's review suggestions, thx!

equalsJeffH Nov 12, 2021

89cec45

Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension

equalsJeffH Nov 12, 2021

db63d69

incorp pascoej's correction, thx!

equalsJeffH Nov 15, 2021

9a78683

fix bug emlun caught (thx) & apply polish

equalsJeffH Nov 16, 2021

d52342c

Apply emlun's suggestions, thx!

equalsJeffH Jan 11, 2022

e23c4b9

polish emlun's suggestion to not be a Note

equalsJeffH Jan 11, 2022

b8ec5b8

polish Authenticator extension processing

equalsJeffH Jan 12, 2022

0bb9aaa

authnr extension rather than client extension

equalsJeffH Jan 12, 2022

3237896

minor editorial fixes

equalsJeffH Jan 14, 2022

d652787

Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension

equalsJeffH Jan 18, 2022

55e64c9

revise intro and define most of verification procedure

equalsJeffH Jan 18, 2022

41ffcbf

finish roughing-out verification procedures

equalsJeffH Jan 18, 2022

f131d68

remove extraneous Note on permissions policy that crept in somehow

equalsJeffH Jan 18, 2022

e1e6d94

incorp emlun's suggestion on hardware-bound device key pair definition

equalsJeffH Jan 18, 2022

23ea3ef

add Notes to RP verification steps linking to DPK extension verificat…

equalsJeffH Feb 18, 2022

683ad4d

do not use 'synced' user cred term per TimC

equalsJeffH Feb 18, 2022

17f3aa2

update 'Relying Party Usage' section and note current issues

equalsJeffH Mar 4, 2022

b4e8d0e

clarification

equalsJeffH Mar 5, 2022

619ebb9

wordsmithing, thx emlun!

equalsJeffH Mar 9, 2022

2730294

incop & massage Emlun's suggestion, thx!

equalsJeffH Mar 17, 2022

f0fe8f2

rough WIP to fix issue #1701 side-channel attack

equalsJeffH Mar 19, 2022

f145234

further WIP re fixing #1701 authnr nonce, & noting #1711

equalsJeffH Mar 23, 2022

b8d8567

attempt at polishing various portions of devicePubKey

equalsJeffH Mar 23, 2022

d92bad2

The DPK is stored on the authenticator.

agl May 19, 2022

6d45aba

Provide attestation controls.

agl May 19, 2022

eb598ff

Pull out DPK attestation rules and add signature prefix.

agl May 19, 2022

b7289e1

Reflow CDDL to avoid a scroll bar.

agl May 19, 2022

dcfb392

Have the DPK sign over everything.

agl May 19, 2022

cbb6b5d

Note that CTAP2 CBOR is required in DPK.

agl May 19, 2022

ccfd0b4

Resolve comment by jovasco

agl May 19, 2022

f3315b5

Merge branch 'main' into dpk

agl Jun 17, 2022

27ef223

Link definitions from PR 1695.

agl Jun 17, 2022

bfce0cf

Make the DPK signature a different output field.

agl Jun 17, 2022

20dd35c

Update attestation and add it for assertions

agl Jun 17, 2022

27d0895

Introduce unsigned extension outputs and use it to return the dpk sig…

arnar Jun 22, 2022

e30cdb1

Fix build error

arnar Jun 22, 2022

38fb4e1

Review fixes and another indentation fix

arnar Jun 22, 2022

0c7fad0

Fix misplaced Note annotation

arnar Jun 22, 2022

844cff7

Merge pull request #1754 from arnar/jeffh-fix-1658-device-bound-key-e…

agl Jun 22, 2022

6fbfccf

Update attestation and add it for assertions

agl Jun 17, 2022

4e67faa

Various fixes and updates in light of comments

agl Jul 19, 2022

832c2e8

Merge branch 'main' into jeffh-fix-1658-device-bound-key-extension

emlun Aug 1, 2022

6940a43

Merge pull request #1787 from w3c/merge-main-into-1658

agl Aug 20, 2022

7b531a8

Apply more of emlun's suggestions from code review

agl Aug 20, 2022

04ddb48

Apply one of emlun's suggestions

agl Aug 20, 2022

3cba94c

Apply one of emlun's suggestions

agl Aug 20, 2022

47017e4

Apply one of emlun's suggestions

agl Aug 20, 2022

16a846a

Apply one of emlun's suggestions

agl Aug 20, 2022

2ec8861

Apply one of emlun's suggestions

agl Aug 20, 2022

5c1cd98

Apply suggestions from code review

agl Aug 20, 2022

5c6c23d

Apply suggestions from code review

agl Aug 20, 2022

a026a5b

Apply one of emlun's suggestions

agl Aug 20, 2022

ec03d4d

Have the authenticator output a bytestring, not a map.

agl Aug 20, 2022

88be1a6

Fix devicePubKey sub-heading levels

emlun Aug 23, 2022

3430c95

Hopefully fix up my misinterpretation of emlun's comment.

agl Aug 25, 2022

5af393d

RPs shouldn't check DPK attestation for equality.

agl Aug 25, 2022

fe333fe

Remove incorrect note about nonces.

agl Aug 25, 2022

ece61f0

Include enterpriseAttestationPossible when calling authenticatorGetAs…

agl Aug 25, 2022

4279e6e

Apply one of emlun's suggestions

agl Aug 25, 2022

d25fd53

Mention where authData and hash are used.

agl Aug 25, 2022

8966fe6

Apply emlun's suggestions from code review

agl Sep 10, 2022

d671894

Address emlun's comments.

agl Sep 10, 2022

ca1b0c6

Add a note to explain how the RP's challenge is included in dpkSig.

agl Sep 21, 2022

6112877

Remove a horizontal scrollbar on the DPK CDDL.

agl Sep 21, 2022

ed0b779

Remove now superfluous variable in DPK processing.

agl Sep 21, 2022

9bd0e3d

Apply Shane's suggestions

agl Sep 27, 2022

759ce04

DPK is only valid for backup eligible credentials.

agl Sep 27, 2022

8aa160c

Address Shane's comments.

agl Sep 27, 2022

bff403d

s/then/than, noticed by Shane.

agl Oct 1, 2022

fba2725

Add missing blank line. Thanks Emil.

agl Oct 5, 2022

f780870

Resolve last comment.

agl Oct 7, 2022

6ae32a0

Merge branch 'main' into dpk

agl Oct 7, 2022