Re: [webauthn] Consider requiring canonical CBOR throughout

If you know the number of elements in a list ahead of time, it's really easy to produce a min-length encoding of the length.

What's the use case for unknown-length byte- and utf8-strings sent from the authenticator?

I don't think we'd specify that authenticators MUST or even SHOULD check that the map is sorted, but rather that they MAY.

GitHub Notification of comment by jyasskin
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 30 August 2017 15:22:31 UTC