122
edits
Changes
U2F schedule updates
** [https://groups.google.com/d/msg/mozilla.dev.platform/F0rCRF8z87E/CPh7dIJ9BQAJ Intent to Implement Announcement]
** [https://lists.w3.org/Archives/Public/public-webauthn/2017Jan/0083.html Ready For Experiment Announcement]
* 2017 Q2: Support USB HID U2F devices on Linux.* 2017 Q2: Support USB HID U2F devices on , Mac OS X, and Windows.* 2017 Q2[https: Support USB HID U2F devices on Windows//github.com/jcjones/u2f-hid-rs/ rust u2f-hid-rs library]
* 2017 Q2-3: Integrate USB HID U2F devices with the WebAuthn JS API.
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1380270 Bug 1380270: Add libudev support to the tree]
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388843 Bug 1388843: Add u2f-hid-rs rust library to the tree]
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851: Tie u2f-hid-rs rust library into WebAuthn's U2F HID Manager]
* 2017 Q2-3: Update to Working Draft 5 of the WebAuthn JS API.
** Done in Firefox 56* 2017 (late)Q3: Integrate USB HID U2F devices with the WebAuthn JS API.** [https://bugzilla.mozilla.org/show_bug.cgi?id=1245527 Bug 1245527: Support Tie U2F JS API into WebAuthn for mobile Firefox's U2F HID Manager]*** This will enable hardware support when [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851] lands.
* 2017 (late): Support USB HID CTAP devices on desktop platforms. (Exact version TBD)
* 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
* 2018: Support WebAuthn for mobile Firefox.
All of the above dates are for landing in Firefox Nightly.
'''Goal''': permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57, and Web Authentication (on by default) in Firefox 57 or 58. (See [[RapidRelease/Calendar]])
=== Unstable Build: 28 August 2017 ===
This build contains all of the above patches for Bug 1380270, Bug 1388843, Bug 1388851, and Bug 1245527. It also generally has some small fixups that will also make it somewhere or other.
* OSX: https://queue.taskcluster.net/v1/task/EEFV8kReSEGQL5Ju9be1jA/runs/0/artifacts/public/build/target.dmg
* Windows 64: https://queue.taskcluster.net/v1/task/OiarfVMeQ9Ciktw0CKHcdw/runs/0/artifacts/public/build/target.zip
* Linux: Unavailable at TaskCluster for now, due to [https://treeherder.mozilla.org/logviewer.html#?job_id=126547385&repo=try&lineNumber=8105 libudev not being available to the rust compiler]
Enabling debugging (example for OSX):
MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox
This build supports WebAuthn WD-05 and U2F v1.1 using hardware tokens. This build passes at:
* https://u2f.bin.coffee/
* https://u2fdemo.appspot.com/
It does not work with some form of attestation-signature error at:
* https://demo.yubico.com/u2f
* Github
== DOM Security ==
