Re: [webauthn] Consider requiring canonical CBOR throughout

@jovasco Is there a situation where the authenticator would not know how many extensions it's going to send before starting to encode the list of them? Recall that CBOR's length prefix counts the number of items, unlike DER's which needs the number of bytes.

GitHub Notification of comment by jyasskin
Please view or discuss this issue at using your GitHub account

Received on Tuesday, 29 August 2017 17:47:48 UTC