[wpt-sync] Sync PR 31526 - webauthn: support the minPinLength extension.
Categories
(Core :: DOM: Web Authentication, task, P4)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox97 | --- | fixed |
People
(Reporter: mozilla.org, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 31526 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/31526
Details from upstream follow.
Adam Langley <agl@chromium.org> wrote:
webauthn: support the minPinLength extension.
This extension[1] allows a configured site to learn the minimum PIN
length set on an authenticator. This is for enterprise environments that
need to enforce PIN length policies.The CTAP 2.1 specification allows a) the minimum PIN length to be
increased from the usual four bytes, b) a domain to be configured that
is authorised to request a report on the current minimum, and c) this
extension to plumb that data back to the site.Thus, if a security key is configured to allow, say, example.com to
learn the minimum PIN length, and example.com creates a credential to
learn that the PIN length is $x, then it knows that the PIN length
enforced when that credential is exercised is never less than that. (The
only way to reduce the minimum is to reset the authenticator, but that
wipes all credentials.)Chromium does not provide any mechanism for configuring the allowed
domain. That has to be done manually via another process.BUG=1259760
Change-Id: Ic4230b9986c8a4215e1f80da9616a571d7b2b7c9
Reviewed-on: https://chromium-review.googlesource.com/3256056
WPT-Export-Revision: 64d6a77c223eba0b1a01724e5b38078cc3422b65
|
Assignee | |
Updated•3 years ago
|
|
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Comment 1•2 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=3adaa82a8bcca4f2181d01fa68790030eddf2056
|
|
Assignee | |
Comment 2•2 years ago
|
||
CI Results
Ran 11 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI
Total 1 tests and 1 subtests
Status Summary
Firefox
TIMEOUT: 2
Chrome
ERROR : 1
Safari
ERROR : 1
Links
Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base
Details
New Tests That Don't Pass
/webauthn/createcredential-minpinlength.https.html: SKIP [Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt], TIMEOUT [GitHub] (Chrome: ERROR, Safari: ERROR)
navigator.credentials.create() with minPinLength requested: TIMEOUT
Tests Disabled in Gecko Infrastructure
/webauthn/createcredential-minpinlength.https.html: SKIP [Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt], TIMEOUT [GitHub] (Chrome: ERROR, Safari: ERROR)
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/2f6b7901372d [wpt PR 31526] - webauthn: support the minPinLength extension., a=testonly
|
||
Comment 4•2 years ago
|
||
| bugherder | ||
Description
•