W3C home > Mailing lists > Public > public-webauthn@w3.org > November 2017

Re: [webauthn] build on Adding a choice for RP to express preferences for attestation types

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Wed, 22 Nov 2017 17:37:06 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-346422930-1511372224-sysbot+gh@w3.org>
@agl 

>[...] we are pondering providing a retrospective unblinding token in the no-attestation case, which we would need to be carried in the attestation data(*).

For that to be of any value, aren't you assuming the RP will store the attestation statement? What's to say that an RP will store it if they don't care about authenticator attestation (since they sent `attestation: "none"`, or left it at that default)?

It is definitely a good idea for the Privacy CA case, where the RP explicitly _does_ care and can reasonably be expected to store the attestation statement.

>[...] the signed data cannot be altered by a client without invalidating the signature by the Privacy CA and thus the AAGUID cannot be eliminated without co-operation from the token.

However in the Privacy CA case, the authenticator's signature isn't passed on to the RP, correct? If so, the Privacy CA could alter the authenticator data - e.g., zero out the AAGUID - before signing it, without cooperation from the token.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/693#issuecomment-346422930 using your GitHub account
Received on Wednesday, 22 November 2017 17:37:08 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:44 UTC