- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Wed, 01 Feb 2017 19:35:16 +0000
- To: public-webauthn@w3.org
@jehrensvard wrote: > It may go without saying, but for the sake of clarity and consistency, I believe the wording should be: > > /.../ compute a signature over the SHA256 HASH OF THE concatenation of the authenticatorData /.../ Actually, performing the hash over the input message (the "concatenation of the authenticatorData and the clientDataHash" in this case) is inherently a part of the signature algorithm (whether RSA [1] or ECDSA [2]). Note that the [U2F spec](https://fidoalliance.org/specs/fido-u2f-v1.1-id-20160915/fido-u2f-raw-message-formats-v1.1-id-20160915.html) says only " signature. This is a ECDSA signature (on P-256) over the following byte string ..." (e.g., in section 4.3). If folks feel strongly about it we can add a Note explaining this, but I'm not sure it is necessary. [1] hashing the "message" input to the RSA signature algs is done in [Section 9 of the PKCS#1 spec (now RFC8017)](https://tools.ietf.org/html/rfc8017#section-9). [2] hashing the "message" input to the ECDSA signature alg is done in [Step 4 of "DSA Signature Generation" of Section 2.2 in the poor man's version of ANSI X9.62](http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf). -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/332#issuecomment-276757762 using your GitHub account
Received on Wednesday, 1 February 2017 19:35:23 UTC