W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2017

Re: [webauthn] Replace Authenticator Model with CTAP

From: Jeffrey Yasskin via GitHub <sysbot+gh@w3.org>
Date: Fri, 26 May 2017 18:16:06 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-304353265-1495822565-sysbot+gh@w3.org>
:) I should file a collection of issues. Roughly:
1. Interfaces like https://w3c.github.io/webauthn/#op-make-cred should give precise types for the parameters and return values. These types should probably be CBOR specified with CDDL, but could be WebIDL.
2. The algorithms in https://w3c.github.io/webauthn/#op-make-cred should number their steps, and the steps should be precise about how the authenticator should act. The current precision is close, but for example it should describe the difference between storing the key and encrypting it into the credential ID. Calling out to existing FIDO specs is totally fine.
3. Specs like CTAP should describe how to convert the parameters from WebAuthn's types to transferrable types, transfer them, and then convert back to WebAuthn's types in order to call the algorithm bodies, and similarly for the results.

-- 
GitHub Notification of comment by jyasskin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/410#issuecomment-304353265 using your GitHub account
Received on Friday, 26 May 2017 18:16:13 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:36 UTC