Skip to content

Commit

Permalink
Publish curated data from 3ec76dc
Browse files Browse the repository at this point in the history 
Curated data generated from raw data at 3ec76dc
  • Loading branch information
curation-bot committed Sep 12, 2024
1 parent c0c9812 commit ca348c1
Show file tree
Hide file tree
Showing 5 changed files with 60 additions and 36 deletions.
26 changes: 19 additions & 7 deletions ed/algorithms/webauthn-3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1339,7 +1339,7 @@
{
"html": "<p>The inputs to the algorithm are:</p>",
"ignored": [
"A bytestring, clientDataJSON, that contains clientDataJSON — the serialized CollectedClientData that is to be verified. A string, type, that contains the expected type. A byte string, challenge, that contains the challenge byte string that was given in the PublicKeyCredentialRequestOptions or PublicKeyCredentialCreationOptions. A string, origin, that contains the expected origin that issued the request to the user agent. A boolean, crossOrigin, that is true if, and only if, the request should have been performed within a cross-origin iframe."
"A bytestring, clientDataJSON, that contains clientDataJSON — the serialized CollectedClientData that is to be verified. A string, type, that contains the expected type. A byte string, challenge, that contains the challenge byte string that was given in the PublicKeyCredentialRequestOptions or PublicKeyCredentialCreationOptions. A string, origin, that contains the expected origin that issued the request to the user agent. An optional string, topOrigin, that contains the expected topOrigin that issued the request to the user agent, if available. A boolean, requireTopOrigin, that is true if, and only if, the verification should fail if topOrigin is defined and the topOrigin attribute is not present in clientDataJSON. This means that the verification algorithm is backwards compatible with the JSON-compatible serialization algorithm in Web Authentication Level 2 [webauthn-2-20210408] if, and only if, requireTopOrigin is false."
]
},
{
Expand Down Expand Up @@ -1370,16 +1370,28 @@
"html": "<p>Append 0x2c2263726f73734f726967696e223a (<code>,\"crossOrigin\":</code>) to <var>expected</var>.</p>"
},
{
"html": "If <var>crossOrigin</var> is true:",
"html": "If <var>topOrigin</var> is defined:",
"rationale": "append",
"steps": [
{
"html": "<p>Append 0x74727565 (<code>true</code>) to <var>expected</var>.</p>"
},
{
"html": "If <var>requireTopOrigin</var> is true\nor if 0x2c22746f704f726967696e223a (<code>,\"topOrigin\":</code>) is a prefix\nof the substring of <var>clientDataJSON</var> beginning at the offset equal to the length of <var>expected</var>:",
"rationale": "append",
"steps": [
{
"html": "<p>Append 0x2c22746f704f726967696e223a (<code>,\"topOrigin\":</code>) to <var>expected</var>.</p>"
},
{
"html": "<p>Append <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#ccdtostring\" id=\"ref-for-ccdtostring⑦\">CCDToString</a>(<var>topOrigin</var>) to <var>expected</var>.</p>"
}
]
}
]
},
{
"html": "Otherwise, i.e. <var>crossOrigin</var> is false:",
"html": "Otherwise, i.e. <var>topOrigin</var> is not defined:",
"rationale": "append",
"steps": [
{
Expand Down Expand Up @@ -1785,14 +1797,14 @@
"html": "<a class=\"self-link\" href=\"https://w3c.github.io/webauthn/#rp-op-registering-a-new-credential-step-origin\"></a> Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-origin\" id=\"ref-for-dom-collectedclientdata-origin⑦\">origin</a></code></code> is an <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①④\">origin</a> expected by the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②④⑨\">Relying Party</a>.\n See <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance."
},
{
"html": "If <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin\">topOrigin</a></code></code> is present:",
"html": "If <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin\">topOrigin</a></code></code> is present:",
"rationale": "verify",
"steps": [
{
"html": "<p>Verify that the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑤⓪\">Relying Party</a> expects that this credential would have been created within an iframe that is\nnot <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webappsec-credential-management/#same-origin-with-its-ancestors\" id=\"ref-for-same-origin-with-its-ancestors④\">same-origin with its ancestors</a>.</p>"
},
{
"html": "<p>Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin\">topOrigin</a></code></code> matches the <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①⑤\">origin</a> of a page\nthat the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑤①\">Relying Party</a> expects to be sub-framed within.\nSee <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance.</p>"
"html": "<p>Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin①⓪\">topOrigin</a></code></code> matches the <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①⑤\">origin</a> of a page\nthat the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑤①\">Relying Party</a> expects to be sub-framed within.\nSee <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance.</p>"
}
]
},
Expand Down Expand Up @@ -1909,14 +1921,14 @@
"html": "<a class=\"self-link\" href=\"https://w3c.github.io/webauthn/#rp-op-verifying-assertion-step-origin\"></a> Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-origin\" id=\"ref-for-dom-collectedclientdata-origin⑧\">origin</a></code></code> is an <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①⑥\">origin</a> expected by the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑦⑤\">Relying Party</a>.\n See <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance."
},
{
"html": "If <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin\">topOrigin</a></code></code> is present:",
"html": "If <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin①①\">topOrigin</a></code></code> is present:",
"rationale": "verify",
"steps": [
{
"html": "<p>Verify that the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑦⑥\">Relying Party</a> expects this credential to be used within an iframe that is not <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webappsec-credential-management/#same-origin-with-its-ancestors\" id=\"ref-for-same-origin-with-its-ancestors⑤\">same-origin with its ancestors</a>.</p>"
},
{
"html": "<p>Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin①\">topOrigin</a></code></code> matches the <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①⑦\">origin</a> of a page\nthat the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑦⑦\">Relying Party</a> expects to be sub-framed within.\nSee <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance.</p>"
"html": "<p>Verify that the value of <code><var>C</var>.<code class=\"idl\"><a data-link-type=\"idl\" href=\"https://w3c.github.io/webauthn/#dom-collectedclientdata-toporigin\" id=\"ref-for-dom-collectedclientdata-toporigin①\">topOrigin</a></code></code> matches the <a data-link-type=\"dfn\" href=\"https://html.spec.whatwg.org/multipage/origin.html#concept-origin\" id=\"ref-for-concept-origin①⑦\">origin</a> of a page\nthat the <a data-link-type=\"dfn\" href=\"https://w3c.github.io/webauthn/#relying-party\" id=\"ref-for-relying-party②⑦⑦\">Relying Party</a> expects to be sub-framed within.\nSee <a href=\"https://w3c.github.io/webauthn/#sctn-validating-origin\">§ 13.4.9 Validating the origin of a credential</a> for guidance.</p>"
}
]
},
Expand Down
37 changes: 20 additions & 17 deletions ed/ids/webauthn-3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3263,17 +3263,19 @@
"https://w3c.github.io/webauthn/#ref-for-dictdef-publickeycredentialrequestoptions%E2%91%A0%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-dictdef-publickeycredentialcreationoptions%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-ccdtostring%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-base64url-encoding%E2%91%A1%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-ccdtostring%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-ccdtostring%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-ccdtostring%E2%91%A6",
"https://w3c.github.io/webauthn/#clientdatajson-development",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-type%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-challenge%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-crossorigin%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A7",
"https://w3c.github.io/webauthn/#ref-for-dictdef-collectedclientdata%E2%91%A0%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-dictdef-collectedclientdata%E2%91%A0%E2%91%A1",
"https://w3c.github.io/webauthn/#enum-credentialType",
Expand Down Expand Up @@ -3515,12 +3517,12 @@
"https://w3c.github.io/webauthn/#ref-for-abstract-opdef-request-a-credential%E2%91%A0",
"https://w3c.github.io/webauthn/#sctn-iframe-guidance",
"https://w3c.github.io/webauthn/#ref-for-web-authentication-api%E2%91%A0%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A1",
"https://w3c.github.io/webauthn/#ref-for-web-authentication-api%E2%91%A0%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-publickeycredential-discoverfromexternalsource-slot%E2%91%A0%E2%91%A1",
"https://w3c.github.io/webauthn/#ref-for-attr-iframe-allow",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A2",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A1",
"https://w3c.github.io/webauthn/#ref-for-publickey-credentials-get-feature",
"https://w3c.github.io/webauthn/#ref-for-attr-iframe-allow%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A0%E2%91%A8%E2%91%A2",
Expand Down Expand Up @@ -4645,10 +4647,10 @@
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-concept-origin%E2%91%A0%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A3%E2%91%A8",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A8",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A4%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-same-origin-with-its-ancestors%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A7",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-concept-origin%E2%91%A0%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A4%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-dom-authenticatorresponse-clientdatajson%E2%91%A7",
Expand Down Expand Up @@ -4828,10 +4830,10 @@
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A7",
"https://w3c.github.io/webauthn/#ref-for-concept-origin%E2%91%A0%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A6%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A8",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A6%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-same-origin-with-its-ancestors%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A1",
"https://w3c.github.io/webauthn/#ref-for-concept-origin%E2%91%A0%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A1%E2%91%A6%E2%91%A6",
"https://w3c.github.io/webauthn/#rp-op-verifying-assertion-step-rpid-hash",
Expand Down Expand Up @@ -6136,7 +6138,7 @@
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A3%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A3%E2%91%A1",
"https://w3c.github.io/webauthn/#sctn-seccons-visibility",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A2",
"https://w3c.github.io/webauthn/#ui-redressing",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A3%E2%91%A2",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A3%E2%91%A3",
Expand Down Expand Up @@ -6307,19 +6309,19 @@
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A0%E2%91%A8",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A6%E2%91%A7",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A1%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A2",
"https://w3c.github.io/webauthn/#ref-for-client-data%E2%91%A0%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A1",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A6%E2%91%A8",
"https://w3c.github.io/webauthn/#ref-for-relying-party%E2%91%A2%E2%91%A7%E2%93%AA",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A2",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A1%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A3",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-origin%E2%91%A1%E2%91%A0",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-the-iframe-element%E2%91%A5",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A6",
"https://w3c.github.io/webauthn/#ref-for-dom-collectedclientdata-toporigin%E2%91%A0%E2%91%A7",
"https://w3c.github.io/webauthn/#sctn-privacy-considerations",
"https://w3c.github.io/webauthn/#ref-for-authenticator%E2%91%A2%E2%93%AA%E2%91%A4",
"https://w3c.github.io/webauthn/#ref-for-client%E2%91%A0%E2%91%A0%E2%91%A6",
Expand Down Expand Up @@ -6886,6 +6888,7 @@
"https://w3c.github.io/webauthn/#biblio-tpmv2-part3",
"https://w3c.github.io/webauthn/#biblio-url",
"https://w3c.github.io/webauthn/#biblio-wcag21",
"https://w3c.github.io/webauthn/#biblio-webauthn-2-20210408",
"https://w3c.github.io/webauthn/#biblio-webdriver",
"https://w3c.github.io/webauthn/#biblio-webidl",
"https://w3c.github.io/webauthn/#informative",
Expand Down
Loading

0 comments on commit ca348c1

Please sign in to comment.