- From: Hodges, Jeff <jeff.hodges@paypal.com>
- Date: Sat, 5 Nov 2016 01:11:36 +0000
- To: Vijay Bharadwaj <vijaybh@microsoft.com>
- CC: W3C WebAuthn WG <public-webauthn@w3.org>
On 10/26/16, 11:00 AM, "Vijay Bharadwaj" <vijaybh@microsoft.com> wrote: >No, sorry, that text is confusing. > >AIUI the Android Key Attestation signature is itself in the form of an >X.509 certificate. This certificate contains the credential public key >and is signed by the attesting key. This public key (the one inside the >signature-which-looks-like-a-certificate) is what's being talked about >here. ok, thanks, plus our link to 'Android Key Attestation' is stale. what i found.. <https://developer.android.com/training/articles/security-key-attestation.h tml> ..et al seems to work as you describe above. =JeffH
Received on Saturday, 5 November 2016 01:12:10 UTC