[webauthn] clarify content of algorithm member of ScopedCredentialParameters

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 01 Jun 2016 23:14:28 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-158027740-1464822867-sysbot+gh@w3.org>
=JeffH has just created a new issue for 

== clarify content of algorithm member of ScopedCredentialParameters ==
in https://w3c.github.io/webauthn/#credential-params, the statement..
  The algorithm member specifies the cryptographic algorithm with 
  which the newly generated credential will be used.
ought to be something more akin to..
  The algorithm member specifies the cryptographic key generation 
  algorithm parameters with which the credential key pair MUST be 
..and further refinement beyond that may be needed: 

I.e., a question is just how much of gnarly key generation params ought
 an RP webapp be supplying, and how much does the underlying client 
platform supply?
See https://www.w3.org/TR/WebCryptoAPI/#examples-section for an 
example of the full unabridged key gen params used to generate an RSA 
key pair.  Perhaps the RP webapp **could** pass in only as much as it 
cares/needs to specify..
  { "name": "RSASSA-PKCS1-v1_5" }
..on the makeCredential() method, and the underlying platform takes 
care of the other details (i.e., modulusLength, publicExponent, and 
hash), or it could pass in..
  { "name": "RSASSA-PKCS1-v1_5",
     "hash":"SHA-256" }
..or the complete algorithmIdentifier as shown in the webcrypto spec 
var algorithmKeyGen = {
  name: "RSASSA-PKCS1-v1_5",
  // RsaHashedKeyGenParams
  modulusLength: 2048,
  publicExponent: new Uint8Array([0x01, 0x00, 0x01]),  // Equivalent to 65537
  hash: {
    name: "SHA-256"
  }
};

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/113 using your GitHub account
Received on Wednesday, 1 June 2016 23:14:29 UTC
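
The three forms discussed in the message above (name only, name plus hash, full parameters) can be resolved by one platform-side routine. This is an added example, not part of the original message or of the WebAuthn specification. The names `resolveKeyGenParams`, `PLATFORM_DEFAULTS` and `MIN_MODULUS_BITS`, and the minimum-modulus policy, are assumptions; the default values are the ones in the full parameters quoted in the message.

```javascript
// Hypothetical platform defaults, copied from the full parameters quoted
// in the message. A Map avoids matching inherited names like "constructor".
const PLATFORM_DEFAULTS = new Map([
  ["RSASSA-PKCS1-v1_5", {
    modulusLength: 2048,
    publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // 65537
    hash: { name: "SHA-256" },
  }],
]);

// Assumed platform policy (not from the message): smallest modulus accepted.
const MIN_MODULUS_BITS = 2048;

// A WebCrypto AlgorithmIdentifier is either a bare string or an object
// with a string "name" member; normalize both to the object form.
function normalizeIdentifier(alg) {
  if (typeof alg === "string") return { name: alg };
  if (alg && typeof alg.name === "string") return { ...alg };
  throw new TypeError("algorithm must be a string or an object with a name");
}

// Merge what the RP supplied with what the platform fills in, and report
// which members the platform chose so the split is visible to the caller.
function resolveKeyGenParams(rpAlgorithm) {
  const rp = normalizeIdentifier(rpAlgorithm);
  const defaults = PLATFORM_DEFAULTS.get(rp.name);
  if (!defaults) throw new Error("unsupported algorithm: " + rp.name);

  const resolved = {
    name: rp.name,
    modulusLength: rp.modulusLength ?? defaults.modulusLength,
    publicExponent: new Uint8Array(rp.publicExponent ?? defaults.publicExponent),
    hash: normalizeIdentifier(rp.hash ?? defaults.hash),
  };
  // An RP may ask for more than the default, never less than the floor.
  if (!Number.isInteger(resolved.modulusLength) ||
      resolved.modulusLength < MIN_MODULUS_BITS) {
    throw new RangeError("modulusLength below platform minimum");
  }
  const suppliedByPlatform = ["modulusLength", "publicExponent", "hash"]
    .filter((member) => rp[member] === undefined);
  return { resolved, suppliedByPlatform };
}
```
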
