Re: Intent to Ship: Web Authentication

2017-12-06 Thread J.C. Jones 
On Wed, Dec 6, 2017 at 10:24 AM, James Graham 
wrote:

> Are the web-platform-tests going to be done before we ship?
>

I hope so, though as-of-now no one from Mozilla is contributing to the
web-platform-tests [1]. Originally some FIDO Alliance-associated folk were
going to take the lead on them, but I've not been tracking it.


> For my information, what was missing from wpt that meant you had to write
> mochitests? (I don't doubt that there are good reasons, it's just
> understanding what they are helps shape future work).
>

I think most everything except the tests for tab-switch and maybe some of
the more exotic cross-origin behaviors can move to web-platform-tests, and
I hope that our existing mochitest logic can be mostly ported over there.
The only reason for not doing these as web-platform-tests to begin with was
cross-company communication inefficiencies. I fully expect this to be
remedied in 2018.

[1] https://github.com/w3c/web-platform-tests/tree/master/webauthn
___
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Re: Intent to Ship: Web Authentication

2017-12-06 Thread Jonathan Watt 
This is really awesome and a significant advance on other 2FA solutions. I've
been looking forward to us shipping this. Thank you for all your hard work!

On 05/12/2017 20:44, J.C. Jones wrote:
> Summary: Support public key cryptographic authentication devices
> through Web Authentication.
> 
> Web Authentication is backward compatible with FIDO U2F second-factor
> tokens, and also supports more advanced capabilities in future FIDO
> 2.0 devices. We intend to ship support for USB-connected FIDO U2F
> devices initially, with other transports and FIDO 2.0 device support
> to follow in 2018.
> 
> Tracking bug: https://bugzilla.mozilla.org/show_bug.cgi?id=webauthn
> 
> Spec: https://www.w3.org/TR/webauthn/
> 
> (Note that the latest working draft,
> https://www.w3.org/TR/2017/WD-webauthn-20171205/, is considered by the
> WG to be feature complete, and no more normative changes are
> anticipated.)
> 
> Estimated target release: 60
> 
> Preference behind which this is implemented:
> security.webauth.webauthn
> 
> DevTools support:
> N/A
> 
> Support by other browser engines:
> - Blink: In-progress [1]
> - Edge: In-progress [2]
> - Webkit: No public announcements
> 
> Testing:
> Mochitests in-tree; https://webauthn.io/; https://webauthn.bin.coffee/
> ; Web Platform Tests in-progress
> 
> 
> Cheers,
> J.C. Jones and Tim Taubert
> 
> [1] https://www.chromestatus.com/feature/5669923372138496
> [2] https://msdn.microsoft.com/en-us/library/mt697638(v=vs.85).aspx
> 

___
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Intent to Ship: Web Authentication

2017-12-05 Thread J.C. Jones 
Summary: Support public key cryptographic authentication devices
through Web Authentication.

Web Authentication is backward compatible with FIDO U2F second-factor
tokens, and also supports more advanced capabilities in future FIDO
2.0 devices. We intend to ship support for USB-connected FIDO U2F
devices initially, with other transports and FIDO 2.0 device support
to follow in 2018.

Tracking bug: https://bugzilla.mozilla.org/show_bug.cgi?id=webauthn

Spec: https://www.w3.org/TR/webauthn/

(Note that the latest working draft,
https://www.w3.org/TR/2017/WD-webauthn-20171205/, is considered by the
WG to be feature complete, and no more normative changes are
anticipated.)

Estimated target release: 60

Preference behind which this is implemented:
security.webauth.webauthn

DevTools support:
N/A

Support by other browser engines:
- Blink: In-progress [1]
- Edge: In-progress [2]
- Webkit: No public announcements

Testing:
Mochitests in-tree; https://webauthn.io/; https://webauthn.bin.coffee/
; Web Platform Tests in-progress


Cheers,
J.C. Jones and Tim Taubert

[1] https://www.chromestatus.com/feature/5669923372138496
[2] https://msdn.microsoft.com/en-us/library/mt697638(v=vs.85).aspx
___
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform