W3C home > Mailing lists > Public > public-webauthn@w3.org > December 2016

Re: [webauthn] Should WebAuthnAttestation attributes have constructors?

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Tue, 20 Dec 2016 23:32:47 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-268390172-1482276765-sysbot+gh@w3.org>
you are suggesting something like:
```
[SecureContext, Constructor, Constructor(format)]
interface WebAuthnAttestation {
    readonly    attribute USVString     format;
    readonly    attribute ArrayBuffer   clientData;
    readonly    attribute ArrayBuffer   authenticatorData;
    readonly    attribute any           attestation;
};
```
yes?

A question is whether to allow for any, some, or all attr values to be
 passed-in via the constructor. It seems at least "format" would be a 
candidate (as illustrated above). 

thoughts?

Also, if we are adding `Constructor` to this interface object, then we
 should also consider doing it on these, on a case-by-case basis I 
suspect (it would seem WebAuthnAssertion ought to be a solid candidate
 if WebAuthnAttestation is one):
```
[SecureContext]
interface ScopedCredentialInfo {
    readonly attribute ScopedCredential     credential;
    readonly attribute WebAuthnAttestation  attestation;
};

[SecureContext]
interface WebAuthnAssertion {
    readonly attribute ScopedCredential  credential;
    readonly attribute ArrayBuffer       clientData;
    readonly attribute ArrayBuffer       authenticatorData;
    readonly attribute ArrayBuffer       signature;
};

[SecureContext]
interface ScopedCredential {
    readonly attribute ScopedCredentialType type;
    readonly attribute ArrayBuffer          id;
};


interface PackedAttestation {
    readonly    attribute ArrayBuffer   x5c;
    readonly    attribute ArrayBuffer   daaKey;
    readonly    attribute DOMString     alg;
    readonly    attribute ArrayBuffer   signature;
};

interface TpmAttestation {
    readonly    attribute DOMString     tpmVersion;
    readonly    attribute ArrayBuffer   x5c;
    readonly    attribute ArrayBuffer   daaKey;
    readonly    attribute ArrayBuffer   certifyInfo;
    readonly    attribute DOMString     alg;
    readonly    attribute ArrayBuffer   signature;
};

[SecureContext]
interface AndroidKeyAttestation {
    readonly    attribute ArrayBuffer   signature;
};

interface AndroidSafetyNetAttestation {
    readonly attribute unsigned long version;
    readonly attribute DOMString     safetyNetResponse;
};
```

-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/313#issuecomment-268390172 
using your GitHub account
Received on Tuesday, 20 December 2016 23:32:52 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC