W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2017

[webauthn] Expose credential public key in `ScopedCredential`

From: bifurcation via GitHub <sysbot+gh@w3.org>
Date: Wed, 08 Feb 2017 17:57:43 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-206275564-1486576662-sysbot+gh@w3.org>
bifurcation has just created a new issue for 

== Expose credential public key in `ScopedCredential` ==
The result of a `makeCredential` call provides certain information 
about a credential:

* Type
* ID
* Public key
* RP ID associated to the credential

Of these four elements, only the Type and ID are exposed in the 
`ScopedCredential` object.   The other two are buried in the 
`authenticatorData` field of the `AuthenticatorAttestation` object.  
For the RP ID, that's fine; this is just reflecting back a value the 
caller specified.  The public key, however, is generated by the the 
authenticator, and needs to be accessible to the RP in order for it to
 verify assertions.  

Instead of forcing the RP to parse the public key out of the 
`authenticatorData`, the API should expose the public key as an 
attribute on `ScopedCredential` in a way that can be more directly 
used, e.g., as a JWK that can be used with WebCrypto.

Please view or discuss this issue at 
https://github.com/w3c/webauthn/issues/337 using your GitHub account
Received on Wednesday, 8 February 2017 17:57:51 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC