user authn public key duplicated in ScopedCredentialInfo and AttestationStatement (rawData) ? from jeff.hodges@kingsmountain.com on 2016-05-02 (public-webauthn@w3.org from May 2016)

From: <jeff.hodges@kingsmountain.com>
Date: Mon, 2 May 2016 17:37:00 -0600
To: "W3C WebAuthn WG" <public-webauthn@w3.org>
Message-ID: <ae16e4c83f824bc11eaa8faec8b9c799.squirrel@box514.bluehost.com>

referring to the present https://w3c.github.io/webauthn/ ...

Is the "user authn" public key (to use a term from UAF), as returned by
makeCredential(), conveyed within _both_ ScopedCredentialInfo.publicKey and
ScopedCredentialInfo.attestation.core.rawData (when
ScopedCredentialInfo.attestation.core.type = "PACKED" or "ANDROID") ?

Such duplication appears to not be the case when
ScopedCredentialInfo.attestation.core.type = "TPM" (?)

thanks,

=JeffH

Received on Monday, 2 May 2016 23:37:30 UTC