- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Mon, 12 Sep 2016 23:50:27 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by equalsJeffH to https://github.com/w3c/webauthn: * Represent binary data as ArrayBuffers instead of base64-encoded DOMStrings Fixes #61. I switched the main API completely from base64-encoded DOMStrings to Buffersource (for input parameters) and ArrayBuffer (for output parameters). The actual signatures are still computed over the same data as before, so signatures computed after this change will be compatible with those computed before, except for being represented differently. I moved the ClientData section into the Authenticator model section since it is not directly used by script authors. This structure still does base64 encoding of the challenge, for two reasons. First, this maintains backward compatibility. Second, it is more natural to represent a binary challenge in JSON as base64 rather than the clunky array notation. I would like to advocate for also changing the rawData in the TPM and packed attestation formats to ArrayBuffers so we can sign directly over the data without base64 encoding. That would seem to simplify processing. However this would break compatibility so I would like to gather opinions from the group before making that change. On the bright side, I do not know of any implementations producing WebAuthn attestation statements in these formats yet. by Vijay Bharadwaj https://github.com/w3c/webauthn/commit/d1ac4d61c375f909ee31e2dc839e01bcc76a3730 * Remove base64 from packed and TPM attestation formats Remove base64 encoding from the rawData fields and return them directly as ArrayBuffers. by Vijay Bharadwaj https://github.com/w3c/webauthn/commit/19f23b7db10676123409b79dcc97669f645af62d * Clarify Android attestation procedure by Vijay Bharadwaj https://github.com/w3c/webauthn/commit/4fbfa4c315e679e2d29e9cee661049b165938898
Received on Monday, 12 September 2016 23:50:41 UTC