Re: Simplifying Android attestation from Alexei Czeskis on 2016-05-03 (public-webauthn@w3.org from May 2016)

From: Alexei Czeskis <aczeskis@google.com>
Date: Tue, 3 May 2016 14:59:46 -0700
To: Vijay Bharadwaj <vijaybh@microsoft.com>
Cc: "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <CAM_SUqcRDid46AX3K8N_-Vc_f7OQ8tUpCEhUUA2aWqG0Ar03Cg@mail.gmail.com>

This looks great to me based on the diff that Jeff sent.


Thanks!
-Alexei

*____**_**__**_**_**_**_**_**_**_**_**_*

 . Alexei Czeskis .:. Securineer .:. 317.698.4740 .

On Mon, May 2, 2016 at 10:37 PM, Vijay Bharadwaj <vijaybh@microsoft.com>
wrote:

> On the PR for issue #1, JeffH asked why I was declaring the attestation
> statement as type any in the top-level IDL. This is an excellent question,
> and befits a more detailed response than I could give on the PR discussion
> thread.
>
>
>
> As I mentioned in my response, I am wondering if we could eliminate a
> bunch of client-side processing that consists simply of bit-fiddling the
> Android attestation to get it into a “pretty” format. To give people a more
> concrete idea of what I mean, I have attached a version of the “merged”
> spec (i.e. incorporating the PR changes for both #1 and #61) that
> eliminates this bit-fiddling. I’d be happy to add this to the PR for #1 if
> people think it’s better than what we have now.
>
>
>
> Note that all the differences are in section 4.4.
>
>
>
> Thanks,
>
>
>
> --
> -Vijay
>

Received on Tuesday, 3 May 2016 22:00:29 UTC