If we are concerned about an authenticator nonce, we could simply add it - independent from the the signature counter. Let's call it authenticator nonce and explain why we want it and what the RP would have to do with it (i.e. ignore it). That would be much cleaner IMHO. -- GitHub Notification of comment by rlin1 Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-325913489 using your GitHub accountReceived on Wednesday, 30 August 2017 07:59:32 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC