W3C home > Mailing lists > Public > public-webauthn@w3.org > November 2016

Re: [webauthn] explicitly denote RSA signature scheme

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 02 Nov 2016 16:46:33 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-257924485-1478105191-sysbot+gh@w3.org>
Agreed the present overall state is messy and we need to clean it up.
  

WRT the attested credential public key:
> for the public key in the attestation, I wonder if we could just use
 a CBOR map of the JsonWebKey structure (using binary fields not DER 
encoding)

A good question for implementors -- offhand it seems the two top 
choices are the CBOR-encoded JWK suggestion above, or traditional 
DER-encoded ASN.1 type of RSAPublicKey from 
https://tools.ietf.org/html/draft-moriarty-pkcs1-03#appendix-A.1   -- 
i could be convinced to do either one.  this is overall a question for
 server-side implementors, yes?  the client-side stack should just 
regard this as a blob as noted in #244 yes?
 

-- 
GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/239#issuecomment-257924485 
using your GitHub account
Received on Wednesday, 2 November 2016 16:46:53 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:23 UTC