Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none #2199

Merged
merged 1 commit into from
Nov 14, 2024
Merged

WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none #2199

merged 1 commit into from
Nov 14, 2024

Conversation

ve7jtb
Copy link
Contributor

@ve7jtb ve7jtb commented Nov 13, 2024
edited by pr-preview bot
Loading

Allow the passing of the aaguid for all Authenticators, not just the platform ones.

Closes #2198

The following tasks have been completed:

  • Modified Web platform tests (link)

Implementation commitment:

Documentation and checks

  • Affects privacy
  • Affects security
  • Updated explainer (link

Preview | Diff

@ve7jtb
Update index.bs
5d74429 
Allow the passing of the aaguid for all Authenticators, not just the platform ones.
@ve7jtb ve7jtb self-assigned this Nov 13, 2024
selfissued
selfissued approved these changes Nov 13, 2024
View reviewed changes
Copy link
Contributor

@selfissued selfissued left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a definite improvement.

@emlun
Copy link
Member

emlun commented Nov 14, 2024

Merging this as decided on the 2024-11-13 WG call.

@emlun emlun merged commit 654d384 into main Nov 14, 2024
2 checks passed
@emlun emlun deleted the ve7jtb-Fix-2198-WebAuthn-Clients-should-NOT-zero-out-AAGUIDs-from-security-keys-when-attestation-is-none- branch November 14, 2024 13:01
github-actions bot added a commit that referenced this pull request Nov 14, 2024
@emlun @github-actions
Merge pull request #2199 from w3c/ve7jtb-Fix-2198-WebAuthn-Clients-sh…
1b8ac2f 
…ould-NOT-zero-out-AAGUIDs-from-security-keys-when-attestation-is-none-

SHA: 654d384
Reason: push, by emlun

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akshayku akshayku akshayku approved these changes

@selfissued selfissued selfissued approved these changes

@timcappalli timcappalli timcappalli approved these changes

@emlun emlun emlun approved these changes

Assignees

@ve7jtb ve7jtb

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

WebAuthn Clients should NOT zero out AAGUIDs from security keys when attestation is none
5 participants
@ve7jtb @emlun @timcappalli @selfissued @akshayku