Re: [webauthn] Specify the set of hash algorithms UAs can select between.

The algorithm agility story should probably be bigger than just the hash function. I've seen advice that we should strive to handle agility by upgrading to a whole new suite of cryptographic primitives, rather than making the parties negotiate each algorithm. Maybe the [`PublicKeyCredentialType`]( enumeration is the right place to declare which versions an RP supports, and then each version will specify a single cryptographic algorithm for the authenticator to use in each place?

GitHub Notification of comment by jyasskin
Please view or discuss this issue at using your GitHub account

Received on Sunday, 21 May 2017 04:40:06 UTC