- From: Vijay Bharadwaj <vijaybh@microsoft.com>
- Date: Fri, 29 Apr 2016 17:53:50 +0000
- To: "public-webauthn@w3.org" <public-webauthn@w3.org>
This is the PR for addressing issue #1, please let me know if you have any thoughts on it.
To explain the comment about opportunities for further simplification, it occurs to me that in the Android case, instead of having the UA do all the transformations in 4.3.2.3.3, we could just return the SafetyNet API response as the attestation statement, and let the RP sort it out. It's not going to change the complexity of the RP since they have to deal with the same data and they still have to understand Android attestation semantics, so pushing bits around on the client does not seem to be adding a lot of value at least in this case.
-----Original Message-----
From: noreply@github.com [mailto:noreply@github.com]
Sent: Thursday, April 28, 2016 11:55 PM
To: public-webauthn@w3.org
Subject: [w3c/webauthn] 03801e: Simplify attestation structure by moving details i...
Branch: refs/heads/vijaybh/1-abstraction
Home: https://github.com/w3c/webauthn
Commit: 03801e10e2ed70c60513224f497c212a6b5f1ad0
https://github.com/w3c/webauthn/commit/03801e10e2ed70c60513224f497c212a6b5f1ad0
Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
Date: 2016-04-28 (Thu, 28 Apr 2016)
Changed paths:
M index.src.html
Log Message:
-----------
Simplify attestation structure by moving details into authnr model
Moved most of the attestation details into the authenticator model section, and flattened the structures for simplicity. Updated spec language to match.
It may be possible to further simplify the attestation details in the authenticator model section, but I would prefer that an attestation expert weigh in on that.
Also a few other small formatting fixups.
Received on Friday, 29 April 2016 17:54:27 UTC