- From: J.C. Jones via GitHub <sysbot+gh@w3.org>
- Date: Wed, 26 Jul 2017 01:28:58 +0000
- To: public-webauthn@w3.org
jcjones has just created a new issue for https://github.com/w3c/webauthn:
== Attestation Data defines ECC key X, Y parameters two ways ==
Web Authentication defines the Attestation Data's Credential Public Key in the CBOR map as having parameters `x` and `y` of type `biguint` [1], and then refers to RFC7518 section 6.2.1.{2,3} [2] for the details:
> "The semantics and naming of the other fields (though not their encoding) follows the definitions in [RFC7518] section 6"
RFC7518 defines `x` and `y` as base64url-encoded strings; presumably the language "_though not their encoding_" means to ignore that and go with them as being type `biguint`, but it'd be nice to be more explicit, perhaps with an example or saying something like:
> "The semantics and naming of the other fields follow the definitions in [RFC7518] section 6, except where the CBOR-defined encoding differs, where Web Authentication's definition has supremacy."
[1] https://www.w3.org/TR/webauthn/#sec-attestation-data
[2] https://tools.ietf.org/html/rfc7518#section-6.2.1.2
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/509 using your GitHub account
Received on Wednesday, 26 July 2017 01:28:59 UTC