W3C home > Mailing lists > Public > public-webauthn@w3.org > August 2017

Re: [webauthn] Consider requiring canonical CBOR throughout

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Wed, 30 Aug 2017 17:55:50 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-326069633-1504115741-sysbot+gh@w3.org>
For small chips, I would imagine that the encoding would be generated directly by code and, as such, maps would be sorted by virtue of the code blocks that emit each element being ordered.

I agree that checking different requirements of the canonical form should be a MAY for implementations as a few large implementations doing the checks is sufficient to keep the ecosystem on track.

I don't believe that these messages will be so large that an implementation will not be able to calculate the size of strings beforehand.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/455#issuecomment-326069633 using your GitHub account
Received on Wednesday, 30 August 2017 17:55:47 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC