- From: Vijay Bharadwaj <vijaybh@microsoft.com>
- Date: Wed, 3 Aug 2016 06:13:54 +0000
- To: "Mandyam, Giridhar" <mandyam@qti.qualcomm.com>, W3C WebAuthn WG <public-webauthn@w3.org>
- Message-ID: <1c59f1a96cea4354b5f2e195aec732e1@microsoft.com>
Thanks for sending this out, Giri.
If we agree on the need for a location extension, then I believe that having it be explicitly defined like this is much better than leaving it opaque.
From: Mandyam, Giridhar [mailto:mandyam@qti.qualcomm.com]
Sent: Tuesday, August 02, 2016 1:27 PM
To: W3C WebAuthn WG <public-webauthn@w3.org>
Subject: Proposal for a Location Extension, rev 4
Here is a revision. Assuming this is OK, then I will create a PR. Not 100% sure if all the UTF-8 conversions in the example below are accurate.
Location Extension
This extension allows a WebAuthn Relying Party to request an authenticator to add a location object as extension data to either the packed attestation or assertion. The authenticator, if it supports the extension, can add location data to either a packed attestation or assertion.
Extension Identifier
webauthn_loc
Client argument
The Boolean value true to indicate that this extension is requested by the Relying Party.
Client processing
None, except default forwarding of client argument to authenticator argument.
Authenticator argument
The Boolean value true, encoded in CBOR (major type 7, value 21).
Authenticator Processing
If the authenticator does not support the extension, then the authenticator MUST ignore the extension request. If the authenticator accepts the extension, then the authenticator SHOULD only add this extension data to a packed attestation or assertion.
Authenticator data
If the authenticator accepts the extension request, then authenticator data SHOULD provide location data in the form of a CBOR-encoded map, with the first value being the extension identifier and the second being an array of returned values. The array elements SHOULD be derived from (key,value) pairings for each location attribute that the authenticator supports. The following is an example of authenticator data where the returned array is comprised of a {longitude, latitude, altitude} triplet.
A2 -- CBOR MAP of two elements
6C -- Value 1: CBOR text string of 11 bytes
77 65 62 61 75 74 68 6E 5F 6C 6F 63 -- "webauthn_loc" UTF-8 string
86 -- Value 2: array of 6 elements
68 -- Element 1: CBOR text string of 8 bytes
6C 61 74 69 74 75 64 65 -- "latitude" UTF-8 string
FB ... -- Element 2: Latitude as CBOR encoded double-precision float
69 -- Element 3: CBOR text string of 9 bytes
6C 6F 6E 67 69 74 75 64 65 -- "longitude" UTF-8 string
FB ... -- Element 4: Longitude as CBOR encoded double-precision float
68 -- Element 5: CBOR text string of 8 bytes
61 6C 74 69 74 75 64 65 -- "altitude" UTF-8 string
FB ... -- Element 6: Altitude as CBOR encoded double-precision float
Received on Wednesday, 3 August 2016 06:14:43 UTC