RE: [w3c/webauthn] 634c26: Represent binary data as ArrayBuffers instead of b... from Mike Jones on 2016-05-04 (public-webauthn@w3.org from May 2016)

From: Mike Jones <Michael.Jones@microsoft.com>
Date: Wed, 4 May 2016 00:14:13 +0000
To: "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <SN1PR0301MB164518578EB0EA20CAD2E843F57B0@SN1PR0301MB1645.namprd03.prod.outlook.>

Since we're changing many of the representations to using ArrayBuffers and operating on them, I'd advocate for doing this consistently and uniformly.  Thus, I agree with the proposed rawData changes in the TPM and packed attestation representations.

Thanks for working to make things simpler and more consistent, Vijay.

    -- Mike

-----Original Message-----
From: noreply@github.com [mailto:noreply@github.com] 
Sent: Tuesday, May 03, 2016 4:53 PM
To: public-webauthn@w3.org
Subject: [w3c/webauthn] 634c26: Represent binary data as ArrayBuffers instead of b...

  Branch: refs/heads/vijaybh/1-abstraction
  Home:   https://github.com/w3c/webauthn

  Commit: 634c269257db45919bec3cc4c7dd0dc40a492e0a
      https://github.com/w3c/webauthn/commit/634c269257db45919bec3cc4c7dd0dc40a492e0a

  Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
  Date:   2016-05-03 (Tue, 03 May 2016)

  Changed paths:
    M index.src.html

  Log Message:
  -----------
  Represent binary data as ArrayBuffers instead of base64-encoded DOMStrings (#77)

* Represent binary data as ArrayBuffers instead of base64-encoded DOMStrings

Fixes #61.

I switched the main API completely from base64-encoded DOMStrings to Buffersource (for input parameters) and ArrayBuffer (for output parameters). The actual signatures are still computed over the same data as before, so signatures computed after this change will be compatible with those computed before, except for being represented differently.

I moved the ClientData section into the Authenticator model section since it is not directly used by script authors. This structure still does base64 encoding of the challenge, for two reasons. First, this maintains backward compatibility. Second, it is more natural to represent a binary challenge in JSON as base64 rather than the clunky array notation.

I would like to advocate for also changing the rawData in the TPM and packed attestation formats to ArrayBuffers so we can sign directly over the data without base64 encoding. That would seem to simplify processing. However this would break compatibility so I would like to gather opinions from the group before making that change. On the bright side, I do not know of any implementations producing WebAuthn attestation statements in these formats yet.

* Remove base64 from packed and TPM attestation formats

Remove base64 encoding from the rawData fields and return them directly as ArrayBuffers.

* Clarify Android attestation procedure

  Commit: 1a25f7f9ac83da3c751a04f6334c5409f1378207
      https://github.com/w3c/webauthn/commit/1a25f7f9ac83da3c751a04f6334c5409f1378207

  Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
  Date:   2016-05-03 (Tue, 03 May 2016)

  Log Message:
  -----------
  Merge branch 'master' into vijaybh/1-abstraction

Compare: https://github.com/w3c/webauthn/compare/d1fb5f202449...1a25f7f9ac83

Received on Wednesday, 4 May 2016 00:14:43 UTC