Skip to content

Commit

Permalink
CREDENTIAL: Tie ISSUES to GitHub.
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikewest
mikewest committed Apr 21, 2015
1 parent 69a5a66 commit c7c2f86
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 80 deletions.
101 changes: 47 additions & 54 deletions specs/credentialmanagement/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -839,7 +839,7 @@ <h4 class="heading settled" data-level="3.1.1" id="interfaces-credential-types-c
the <a data-link-type="dfn" href="http://www.w3.org/TR/html5/infrastructure.html#structured-clone">structured clone</a> algorithm by defining a cloning mechanism.</p>


<p class="issue" id="issue-43c3f08c"><a class="self-link" href="#issue-43c3f08c"></a>Define cloning algorithms.</p>
<p class="issue" id="issue-43c3f08c"><a class="self-link" href="#issue-43c3f08c"></a>Define cloning algorithms. <a href="https://github.com/w3c/webappsec/issues/287">&lt;https://github.com/w3c/webappsec/issues/287></a></p>


<pre class="idl">[NoInterfaceObject]
Expand Down Expand Up @@ -869,12 +869,9 @@ <h4 class="heading settled" data-level="3.1.1" id="interfaces-credential-types-c
<a data-link-type="dfn" href="https://w3c.github.io/webappsec/specs/mixedcontent/#a-priori-insecure-url"><i lang="la">a priori</i> insecure URL</a>.


<p class="issue" id="issue-abf570d9"><a class="self-link" href="#issue-abf570d9"></a>How do we make this responsive? Adopt <a data-link-type="biblio" href="#biblio-manifest">[MANIFEST]</a>'s icon syntax?</p>



<p class="issue" id="issue-cb43d243"><a class="self-link" href="#issue-cb43d243"></a>Anne suggests that this might be better modeled
as an <code>ImageBitmap</code> or <code>blob:</code>. <a href="https://github.com/w3c/webappsec/issues/247">&lt;https://github.com/w3c/webappsec/issues/247></a></p>
<p class="issue" id="issue-c874d302"><a class="self-link" href="#issue-c874d302"></a>Anne suggests that this might be better modeled
as an <code>ImageBitmap</code> or <code>blob:</code>. We also need to
figure out responsiveness. Perhaps <a data-link-type="biblio" href="#biblio-manifest">[MANIFEST]</a>'s format? <a href="https://github.com/w3c/webappsec/issues/247">&lt;https://github.com/w3c/webappsec/issues/247></a></p>



Expand Down Expand Up @@ -924,15 +921,14 @@ <h4 class="heading settled" data-level="3.1.2" id="interfaces-credential-types-p
</a> when this method is executed.


<p class="issue" id="issue-80c723f0"><a class="self-link" href="#issue-80c723f0"></a>Do we need the ability to pass in more information than just a URL?
Perhaps a dictionary of key/value pairs to be appended to the
username/password pair?</p>
<p class="issue" id="issue-9c1ed270"><a class="self-link" href="#issue-9c1ed270"></a>We need the ability to add additional
information to the request (CSRF tokens, etc). <a href="https://github.com/w3c/webappsec/issues/241">&lt;https://github.com/w3c/webappsec/issues/241></a></p>



<p class="issue" id="issue-6bd91de6"><a class="self-link" href="#issue-6bd91de6"></a>Probably not something for v1, but an interesting option would be
to provide a hash function here that the user agent would apply to the
password before sending it over the wire.</p>
<p class="issue" id="issue-317aa5d1"><a class="self-link" href="#issue-317aa5d1"></a>Probably not something for v1, but an
interesting option would be to provide a hash function here that the user
agent would apply to the password before sending it over the wire. <a href="https://github.com/w3c/webappsec/issues/288">&lt;https://github.com/w3c/webappsec/issues/288></a></p>



Expand Down Expand Up @@ -1175,9 +1171,9 @@ <h3 class="heading settled" data-level="3.2" id="interfaces-credential-manager">
</dl>


<p class="issue" id="issue-fc00d72b"><a class="self-link" href="#issue-fc00d72b"></a>We should support explicit sign-up via <code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>s with
generated passwords. Perhaps something similar to iOS8’s
<code>SecCreateSharedWebCredentialPassword</code>.</p>
<p class="issue" id="issue-69471d6f"><a class="self-link" href="#issue-69471d6f"></a>We should support explicit sign-up via
<code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>s with generated passwords. Perhaps something similar to
iOS8’s <code>SecCreateSharedWebCredentialPassword</code>. <a href="https://github.com/w3c/webappsec/issues/250">&lt;https://github.com/w3c/webappsec/issues/250></a></p>


<h4 class="heading settled" data-level="3.2.1" id="interfaces-request-options"><span class="secno">3.2.1. </span><span class="content">
Expand Down Expand Up @@ -1407,9 +1403,9 @@ <h4 class="heading settled" data-level="4.1.1" id="request-credential"><span cla
referenced in <var>request</var>’s <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-types">types</a></code> property.


<p class="issue" id="issue-2b23a75b"><a class="self-link" href="#issue-2b23a75b"></a>This is terribly hand-wavey. The intent is clear, but I need to do
the work to walk through the list of DOMStrings and convert them to
interfaces and etc. Busywork for later.</p>
<p class="issue" id="issue-6005a2a4"><a class="self-link" href="#issue-6005a2a4"></a>This is terribly hand-wavey. The intent is
clear, but I need to do the work to walk through the list of DOMStrings
and convert them to interfaces and etc. Busywork for later. <a href="https://github.com/w3c/webappsec/issues/289">&lt;https://github.com/w3c/webappsec/issues/289></a></p>



Expand Down Expand Up @@ -1513,12 +1509,13 @@ <h4 class="heading settled" data-level="4.1.1" id="request-credential"><span cla
</ol>


<p class="issue" id="issue-a1f2ff7b"><a class="self-link" href="#issue-a1f2ff7b"></a>How do we deal with a future in which <code class="idl"><a data-link-type="idl" href="#locallystoredcredential">LocallyStoredCredential</a></code> isn’t
the only type? For example, how could an author pull some "RemoteCredential"
that required interaction with a third-party, but fall back to a
<code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>? For the moment, we’re resolving this by rejecting the
promise if the types listed in <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-types">types</a></code> aren’t all
instances of the same type, but that seems like something we’d want to fix.</p>
<p class="issue" id="issue-d98444f7"><a class="self-link" href="#issue-d98444f7"></a>How do we deal with a future in which
<code class="idl"><a data-link-type="idl" href="#locallystoredcredential">LocallyStoredCredential</a></code> isn’t the only type? For example, how could an
author pull some "RemoteCredential" that required interaction with a
third-party, but fall back to a <code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>? For the moment, we’re
resolving this by rejecting the promise if the types listed in
<code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-types">types</a></code> aren’t all instances of the same type, but that
seems like something we’d want to fix. <a href="https://github.com/w3c/webappsec/issues/256">&lt;https://github.com/w3c/webappsec/issues/256></a></p>


<h4 class="heading settled" data-level="4.1.2" id="store-credential"><span class="secno">4.1.2. </span><span class="content">
Expand Down Expand Up @@ -2609,9 +2606,6 @@ <h3 class="heading settled" data-level="6.2" id="security-origin-confusion"><spa
</a>
for details.</p>


<p class="issue" id="issue-bc2c9b42"><a class="self-link" href="#issue-bc2c9b42"></a>Is this a meaningful restriction for Service Workers? Probably not.</p>


<h3 class="heading settled" data-level="6.3" id="security-insecure-origins"><span class="secno">6.3. </span><span class="content">Insecure Sites</span><a class="self-link" href="#security-insecure-origins"></a></h3>

Expand Down Expand Up @@ -2720,8 +2714,8 @@ <h3 class="heading settled" data-level="8.1" id="implementation-for-authors"><sp
<p><em>This section is non-normative.</em></p>


<p class="issue" id="issue-0848699b"><a class="self-link" href="#issue-0848699b"></a>Add some thoughts here about when and how the API should be used,
especially with regard to <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-suppressui">suppressUI</a></code>.</p>
<p class="issue" id="issue-0bebb85f"><a class="self-link" href="#issue-0bebb85f"></a>Add some thoughts here about when and how the API
should be used, especially with regard to <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-suppressui">suppressUI</a></code>. <a href="https://github.com/w3c/webappsec/issues/290">&lt;https://github.com/w3c/webappsec/issues/290></a></p>


<h3 class="heading settled" data-level="8.2" id="implementation-extension"><span class="secno">8.2. </span><span class="content">Extension Points</span><a class="self-link" href="#implementation-extension"></a></h3>
Expand Down Expand Up @@ -3206,33 +3200,32 @@ <h2 class="no-num heading settled" id="idl-index"><span class="content">IDL Inde
</pre>
<h2 class="no-num heading settled" id="issues-index"><span class="content">Issues Index</span><a class="self-link" href="#issues-index"></a></h2>
<div style="counter-reset:issue">
<div class="issue">Define cloning algorithms.<a href="#issue-43c3f08c"></a></div>
<div class="issue">How do we make this responsive? Adopt <a data-link-type="biblio" href="#biblio-manifest">[MANIFEST]</a>'s icon syntax?<a href="#issue-abf570d9"></a></div>
<div class="issue">Define cloning algorithms. <a href="https://github.com/w3c/webappsec/issues/287">&lt;https://github.com/w3c/webappsec/issues/287></a><a href="#issue-43c3f08c"></a></div>
<div class="issue">Anne suggests that this might be better modeled
as an <code>ImageBitmap</code> or <code>blob:</code>. <a href="https://github.com/w3c/webappsec/issues/247">&lt;https://github.com/w3c/webappsec/issues/247></a><a href="#issue-cb43d243"></a></div>
<div class="issue">Do we need the ability to pass in more information than just a URL?
Perhaps a dictionary of key/value pairs to be appended to the
username/password pair?<a href="#issue-80c723f0"></a></div>
<div class="issue">Probably not something for v1, but an interesting option would be
to provide a hash function here that the user agent would apply to the
password before sending it over the wire.<a href="#issue-6bd91de6"></a></div>
<div class="issue">We should support explicit sign-up via <code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>s with
generated passwords. Perhaps something similar to iOS8’s
<code>SecCreateSharedWebCredentialPassword</code>.<a href="#issue-fc00d72b"></a></div>
<div class="issue">This is terribly hand-wavey. The intent is clear, but I need to do
the work to walk through the list of DOMStrings and convert them to
interfaces and etc. Busywork for later.<a href="#issue-2b23a75b"></a></div>
<div class="issue">How do we deal with a future in which <code class="idl"><a data-link-type="idl" href="#locallystoredcredential">LocallyStoredCredential</a></code> isn’t
the only type? For example, how could an author pull some "RemoteCredential"
that required interaction with a third-party, but fall back to a
<code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>? For the moment, we’re resolving this by rejecting the
promise if the types listed in <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-types">types</a></code> aren’t all
instances of the same type, but that seems like something we’d want to fix.<a href="#issue-a1f2ff7b"></a></div>
as an <code>ImageBitmap</code> or <code>blob:</code>. We also need to
figure out responsiveness. Perhaps <a data-link-type="biblio" href="#biblio-manifest">[MANIFEST]</a>'s format? <a href="https://github.com/w3c/webappsec/issues/247">&lt;https://github.com/w3c/webappsec/issues/247></a><a href="#issue-c874d302"></a></div>
<div class="issue">We need the ability to add additional
information to the request (CSRF tokens, etc). <a href="https://github.com/w3c/webappsec/issues/241">&lt;https://github.com/w3c/webappsec/issues/241></a><a href="#issue-9c1ed270"></a></div>
<div class="issue">Probably not something for v1, but an
interesting option would be to provide a hash function here that the user
agent would apply to the password before sending it over the wire. <a href="https://github.com/w3c/webappsec/issues/288">&lt;https://github.com/w3c/webappsec/issues/288></a><a href="#issue-317aa5d1"></a></div>
<div class="issue">We should support explicit sign-up via
<code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>s with generated passwords. Perhaps something similar to
iOS8’s <code>SecCreateSharedWebCredentialPassword</code>. <a href="https://github.com/w3c/webappsec/issues/250">&lt;https://github.com/w3c/webappsec/issues/250></a><a href="#issue-69471d6f"></a></div>
<div class="issue">This is terribly hand-wavey. The intent is
clear, but I need to do the work to walk through the list of DOMStrings
and convert them to interfaces and etc. Busywork for later. <a href="https://github.com/w3c/webappsec/issues/289">&lt;https://github.com/w3c/webappsec/issues/289></a><a href="#issue-6005a2a4"></a></div>
<div class="issue">How do we deal with a future in which
<code class="idl"><a data-link-type="idl" href="#locallystoredcredential">LocallyStoredCredential</a></code> isn’t the only type? For example, how could an
author pull some "RemoteCredential" that required interaction with a
third-party, but fall back to a <code class="idl"><a data-link-type="idl" href="#passwordcredential">PasswordCredential</a></code>? For the moment, we’re
resolving this by rejecting the promise if the types listed in
<code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-types">types</a></code> aren’t all instances of the same type, but that
seems like something we’d want to fix. <a href="https://github.com/w3c/webappsec/issues/256">&lt;https://github.com/w3c/webappsec/issues/256></a><a href="#issue-d98444f7"></a></div>
<div class="issue">Should we introduce a new Fetch context?
<code>credential</code> or something? <a href="https://github.com/w3c/webappsec/issues/231">&lt;https://github.com/w3c/webappsec/issues/231></a><a href="#issue-b97befdf"></a></div>
<div class="issue">Is this a meaningful restriction for Service Workers? Probably not.<a href="#issue-bc2c9b42"></a></div>
<div class="issue">Add some thoughts here about when and how the API should be used,
especially with regard to <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-suppressui">suppressUI</a></code>.<a href="#issue-0848699b"></a></div>
<div class="issue">Add some thoughts here about when and how the API
should be used, especially with regard to <code class="idl"><a data-link-type="idl" href="#dom-credentialrequest-suppressui">suppressUI</a></code>. <a href="https://github.com/w3c/webappsec/issues/290">&lt;https://github.com/w3c/webappsec/issues/290></a><a href="#issue-0bebb85f"></a></div>
<div class="issue">
Groups like the
<a href="http://www.w3.org/Payments/IG/">Web Payments IG</a>
Expand Down
Loading

0 comments on commit c7c2f86

Please sign in to comment.