- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Wed, 01 Jun 2016 23:14:28 +0000
- To: public-webauthn@w3.org
equalsJeffH has just labeled an issue for https://github.com/w3c/webauthn as "stat:Discuss":

== clarify content of algorithm member of ScopedCredentialParameters ==

in https://w3c.github.io/webauthn/#credential-params, the statement..

```
The algorithm member specifies the cryptographic algorithm with which the newly generated credential will be used.
```

ought to be something more akin to..

```
The algorithm member specifies the cryptographic key generation algorithm parameters with which the credential key pair MUST be generated.
```

..and further refinement beyond that may be needed: I.e., a question is just how much of gnarly key generation params ought a RP webapp be supplying, and how much does the underlying client platform supply?

See https://www.w3.org/TR/WebCryptoAPI/#examples-section for an example of the full unabridged key gen params used to generate an RSA key pair.

Perhaps the RP webapp **could** pass in only as much as it cares/needs to specify..

```
{ "name": "RSASSA-PKCS1-v1_5" }
```

..on the makeCredential() method, and the underlying platform takes care of the other details (i.e., modulusLength, publicExponent, and hash), or it could pass in..

```
{ "name": "RSASSA-PKCS1-v1_5", "hash":"SHA-256" }
```

..or the complete algorithmIdentifier as shown in the webcrypto spec example..

```
var algorithmKeyGen = {
  name: "RSASSA-PKCS1-v1_5",
  // RsaHashedKeyGenParams
  modulusLength: 2048,
  publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537
  hash: { name: "SHA-256" }
};
```

See https://github.com/w3c/webauthn/issues/113
Received on Wednesday, 1 June 2016 23:14:30 UTC
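
One way a client platform could fill in whatever the RP webapp leaves out, covering the three parameter shapes shown in the message. This is an added example, not part of the original message or the WebAuthn spec; `PLATFORM_DEFAULTS`, `completeKeyGenParams` and `generateCredentialKeyPair` are hypothetical names, the defaults are taken from the WebCrypto example quoted above, and rejecting unknown members is an assumption.

```javascript
// Added example: platform-side completion of partial key generation parameters.
// All names here are hypothetical; defaults mirror the quoted WebCrypto example.
const PLATFORM_DEFAULTS = new Map([
  ["RSASSA-PKCS1-v1_5", {
    modulusLength: 2048,
    publicExponent: [0x01, 0x00, 0x01], // 65537
    hash: "SHA-256",
  }],
]);
const KNOWN_MEMBERS = new Set(["name", "modulusLength", "publicExponent", "hash"]);

function completeKeyGenParams(rpParams) {
  if (!rpParams || typeof rpParams.name !== "string") {
    throw new TypeError("algorithm must carry a name");
  }
  const defaults = PLATFORM_DEFAULTS.get(rpParams.name);
  if (!defaults) {
    throw new RangeError("unsupported algorithm: " + rpParams.name);
  }
  for (const member of Object.keys(rpParams)) {
    // Assumption: fail closed on members the platform does not understand,
    // so a misspelled member is never silently replaced by a default.
    if (!KNOWN_MEMBERS.has(member)) {
      throw new TypeError("unknown member: " + member);
    }
  }
  // "hash" may arrive as "SHA-256" or as { name: "SHA-256" }; normalise to the object form.
  const hash = rpParams.hash ?? defaults.hash;
  return {
    name: rpParams.name,
    modulusLength: rpParams.modulusLength ?? defaults.modulusLength,
    publicExponent: new Uint8Array(rpParams.publicExponent ?? defaults.publicExponent),
    hash: typeof hash === "string" ? { name: hash } : { name: hash.name },
  };
}

// Generate a non-extractable key pair from the completed parameters.
// Needs a runtime that exposes WebCrypto as globalThis.crypto.subtle.
async function generateCredentialKeyPair(rpParams) {
  const full = completeKeyGenParams(rpParams);
  return globalThis.crypto.subtle.generateKey(full, false, ["sign", "verify"]);
}
```

Whatever the RP omits comes from the platform table, and the returned object always has the full `RsaHashedKeyGenParams` shape, so the parameters actually used for generation can be logged or compared against what the RP requested.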