W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2017

[webauthn] FIDO U2F Attestation Statement Format doesn't say what to do with AAGUID

From: J.C. Jones via GitHub <sysbot+gh@w3.org>
Date: Mon, 17 Jul 2017 17:54:14 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-243475549-1500314052-sysbot+gh@w3.org>
jcjones has just created a new issue for https://github.com/w3c/webauthn:

== FIDO U2F Attestation Statement Format doesn't say what to do with AAGUID ==
The AAGUID field is a required part of the Authenticator Data structure. U2F devices may not have an AAGUID. (I think, if it exists, it's in the attestation certificate?)

We should define what the 128-bit AAGUID should be if if isn't known, instead of leaving it implementation-specific. Right now Firefox is leaving it as all zeroes (and not even trying to pull it out of the certificate -- that's a TODO), but we'll swap to whatever is appropriate.

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/506 using your GitHub account
Received on Monday, 17 July 2017 17:54:21 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:26 UTC