W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2016

Attestation changes (was RE: [webauthn] new commits pushed by rlin1)

From: Vijay Bharadwaj <vijaybh@microsoft.com>
Date: Wed, 14 Sep 2016 16:34:24 +0000
To: Rolf Lindemann <rlindemann@noknok.com>, "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <1f27cb19962d4c8fa77bfa07d4713a38@microsoft.com>
Thanks very much for doing this, Rolf. I hadn't been able to finish this up yet unfortunately.

I was looking at the diffs (https://github.com/w3c/webauthn/compare/vgb-modular-attestation...rolf-modular-attestation-changes) and I agree with a lot of the changes, and I think they make for a more consistent description of attestation overall.

Two things I think we could discuss:
1. Naming - I feel like level1Data and level2Data are perhaps not sufficiently evocative. How do you feel about authenticatorData and attestedData? The former would be defined as things about the authenticator that might be said by anyone, and the latter is things that the authenticator (or its crypto kernel) actually attested to.
2. You added Android N attestation. Thanks for doing this - it fixes #103 and #128, and it also provides a nice test case for adding new attestation types in the new structure. However, I am far from an expert on Android N, so perhaps someone who knows more about that could double-check the section for technical accuracy?

Regarding logistics, would you be okay if I pull this into my attestation branch, then submit the whole merged thing as one unit once we've signed off as a group?

-----Original Message-----
From: Rolf Lindemann via GitHub [mailto:sysbot+gh@w3.org] 
Sent: Wednesday, September 14, 2016 6:55 AM
To: public-webauthn@w3.org
Subject: [webauthn] new commits pushed by rlin1

The following commits were just pushed by rlin1 to 

* more notes added
  by rlin1

* merged
  by rlin1

Received on Wednesday, 14 September 2016 16:35:19 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:22 UTC