[w3c/webauthn] d1ac4d: Represent binary data as ArrayBuffers instead of b... from GitHub on 2016-09-12 (public-webauthn@w3.org from September 2016)

From: GitHub <noreply@github.com>
Date: Mon, 12 Sep 2016 16:50:26 -0700
To: public-webauthn@w3.org
Message-ID: <57d73f42247da_5bc33fad93ba9138420c7@hookshot-fe2-cp1-prd.iad.github.net.mail>

  Branch: refs/heads/vijaybh/61-buffers
  Home:   https://github.com/w3c/webauthn
  Commit: d1ac4d61c375f909ee31e2dc839e01bcc76a3730
      https://github.com/w3c/webauthn/commit/d1ac4d61c375f909ee31e2dc839e01bcc76a3730
  Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
  Date:   2016-04-30 (Sat, 30 Apr 2016)

  Changed paths:
    M index.src.html

  Log Message:
  -----------
  Represent binary data as ArrayBuffers instead of base64-encoded DOMStrings

Fixes #61.

I switched the main API completely from base64-encoded DOMStrings to
Buffersource (for input parameters) and ArrayBuffer (for output
parameters). The actual signatures are still computed over the same data
as before, so signatures computed after this change will be compatible
with those computed before, except for being represented differently.

I moved the ClientData section into the Authenticator model section
since it is not directly used by script authors. This structure still
does base64 encoding of the challenge, for two reasons. First, this
maintains backward compatibility. Second, it is more natural to
represent a binary challenge in JSON as base64 rather than the clunky
array notation.

I would like to advocate for also changing the rawData in the TPM and
packed attestation formats to ArrayBuffers so we can sign directly over
the data without base64 encoding. That would seem to simplify
processing. However this would break compatibility so I would like to
gather opinions from the group before making that change. On the bright
side, I do not know of any implementations producing WebAuthn
attestation statements in these formats yet.


  Commit: 19f23b7db10676123409b79dcc97669f645af62d
      https://github.com/w3c/webauthn/commit/19f23b7db10676123409b79dcc97669f645af62d
  Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
  Date:   2016-05-01 (Sun, 01 May 2016)

  Changed paths:
    M index.src.html

  Log Message:
  -----------
  Remove base64 from packed and TPM attestation formats

Remove base64 encoding from the rawData fields and return them directly
as ArrayBuffers.


  Commit: 4fbfa4c315e679e2d29e9cee661049b165938898
      https://github.com/w3c/webauthn/commit/4fbfa4c315e679e2d29e9cee661049b165938898
  Author: Vijay Bharadwaj <vijaybh@users.noreply.github.com>
  Date:   2016-05-01 (Sun, 01 May 2016)

  Changed paths:
    M index.src.html

  Log Message:
  -----------
  Clarify Android attestation procedure


Compare: https://github.com/w3c/webauthn/compare/d1ac4d61c375^...4fbfa4c315e6

Received on Monday, 12 September 2016 23:50:56 UTC