Re: [webauthn] Make packed attestation format Privacy CA-friendly

Dirk's proposal seems like a delegation of generating the attestation signature from the authenticator to the Privacy CA (actually it's not in the context of TPM and WebAuthn). This is sometimes called a proxy signature scheme. Usually, this approach is used in applications like grid computing and mobile computing, in which the client has limited resources to sign the message. It's not for the privacy of the original signer (authenticator and user).
In the current WebAuthn spec there is no such delegation of the signing right to other components, which has some privacy risk of leaking the to-be-signed message to the proxy signer.
I think we need to clarify what we want to solve.

-- 
GitHub Notification of comment by Kieun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/584#issuecomment-334464584 using your GitHub account

Received on Thursday, 5 October 2017 13:29:03 UTC