[webauthn] Make U2F Attestation Format "sig" more precise

jcjones has just created a new issue for https://github.com/w3c/webauthn:

== Make U2F Attestation Format "sig" more precise ==
[Section 7.6](https://w3c.github.io/webauthn/#fido-u2f-attestation) defines the syntax of the **sig** field for the U2F Attestation Format as "The attestation signature." The Firefox [implementation chose (incorrectly)](https://bugzilla.mozilla.org/show_bug.cgi?id=1387820) to use the whole U2F signature response, including counter and flags, rather than the bare signature.

It would be good to adjust the language to something akin to "**sig**: The attestation signature alone, without protocol flags or counters."

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/530 using your GitHub account

Received on Wednesday, 9 August 2017 18:12:10 UTC