Changes

Jump to: navigation, search

Security/CryptoEngineering

1,131 bytes removed, 14:24, 25 September 2017
Web Authentication: Note new landing dates
* 2017 Q2: Support USB HID U2F devices on Linux, Mac OS X, and Windows. [https://github.com/jcjones/u2f-hid-rs/ rust u2f-hid-rs library]
* 2017 Q2-3: Integrate '''USB HID U2F hardware support''' into Firefox.
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1380270 Bug 1380270: Add libudev support to the tree]** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388843 Bug 1388843: Add u2f-hid-rs rust library to the tree]** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851: Tie u2f-hid-rs rust library into WebAuthn's U2F HID Manager]** Currently expected to land Done in '''Firefox 5857'''.
* 2017 Q2-3: Update to Working Draft 5 of the WebAuthn JS API.
** Done in '''Firefox 56'''
* 2017 Q3: Integrate hardware support with the '''FIDO U2F v1.1 JS API'''
** [https://bugzilla.mozilla.org/show_bug.cgi?id=1245527 Bug 1245527: Tie U2F JS API into WebAuthnDone in '''s U2F HID Manager]*** This is probably going to make it into Firefox 57, but won't enable hardware support until [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851] also lands''.
* 2017 September: Interoperability testing for WebAuthn.
* 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
* 2018: Support U2F hardware for Firefox for Android.
** [https://github.com/jcjones/u2f-hid-rs/issues/42 u2f-hid-rs Issue #42]
 
All of the above dates are for landing in Firefox Nightly.
'''Goal''': permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57, and Web Authentication (on by default) in Firefox 57 or 58. (See [[RapidRelease/Calendar]])
=== Unstable Build: 30 August 2017 Using U2F / WebAuthn === This build contains all of the above patches for Bug 1380270, Bug 1388843, Bug 1388851, and Bug 1245527. It also generally has some small fixups that will also make it somewhere or other.
* OSXEnable the preferences in '''about: httpsconfig'''://queue.taskcluster.net/v1/task/IMBLy88oQf29Aa2xI5kucQ/runs/0/artifacts/public/build/target.dmg* Windows 64: https://queuesecurity.taskclusterwebauth.net/v1/task/O8mFlCIISO-A8ej1uo8TQg/runs/0/artifacts/public/build/target.zipu2f* Linux: '''Unavailable''' at TaskCluster for now, due to [https://treeherdersecurity.mozillawebauth.org/logviewer.html#?job_id=126547385&repo=try&lineNumber=8105 libudev not being available to the rust compiler]webauthn
Enabling debugging (example for OSX):
* https://webauthn.bin.coffee/wd-05/
It does not work on Facebookor Google Accounts; there are issues beyond browser detection that haven't been analyzed yet.
=== Tracked Bugs ===
Jcjones
122
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1181154"

Navigation menu