Re: [webauthn] Replace Authenticator Model with CTAP

1. If the authenticator model's interface is in terms of WebIDL types, then CTAP would define how to convert the WebIDL values into CBOR and back, in order to transmit them over BT, USB, or NFC. If the authenticator model's interface is in terms of CDDL/CBOR types, then WebAuthn's algorithms need to produce the appropriate CBOR data before calling them. A generic WebIDL<->CBOR mapping might be the most concise way to specify some of that, but it's probably not essential.

2. Yeah, it might be that certain steps need to allow multiple options. I did something like that with I think we should still be explicit about where we're allowing implementation variation, and we should put constraints on the allowable behavior. For example, using DES to encrypt the private key into the credential ID should probably not be allowed.

3. For example, specifies how the Client should take a command, which has a numeric identifier and a CBOR payload, and encode it into the USB HID protocol, and it also somewhat implicitly specifies how to identify the command and reconstruct the CBOR payload on the USB device side.

GitHub Notification of comment by jyasskin
Please view or discuss this issue at using your GitHub account

Received on Friday, 26 May 2017 19:34:38 UTC