- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Sun, 07 May 2017 23:29:58 +0000
- To: public-webauthn@w3.org
agl has just created a new issue for https://github.com/w3c/webauthn: == "WebAuthn Authenticator model" seemingly prohibits random AAGUIDs (minor) == (This is a pedantic nit:) The [section](https://www.w3.org/TR/2017/WD-webauthn-20170505/#authenticator-model) describing the authenticator model specifies that the AAGUID is a 128-bit string, and that it must be chosen to be: > different (with probability 1-2<sup>128</sup> or greater) from the AAGUIDs of all other types of authenticators However, once there exist two AAGUIDs in the world then choosing a random, 128-bit number is not sufficient to meet this requirement. (Because a random number would have a 2/2<sup>128</sup> chance of colliding with one of the other AAGUIDs in the world.) It seems that this section is trying to say that random AAGUIDs are ok, but may have inadvertently, technically, forbidden them. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/452 using your GitHub account
Received on Sunday, 7 May 2017 23:30:04 UTC