W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] Adding a choice for RP to express preferences for attestation types

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 18 Oct 2017 16:51:52 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-337655550-1508345511-sysbot+gh@w3.org>
@agl Actually I am more confused now :)

The conversation started with Privacy CA and hiding user and device information from RP's and Privacy CA. Now it looks like it's about attestation itself. Or is it both with a open ended wording for `verifiable`? 

If it is only about attestation being passed or not, then it is a simpler conversation.
If it is open ended, where platform decides in future that it wants to hide that information, then we need a way out for our RP's as we need device information for our customers.
If it is not open ended and we are not doing privacy CA thing right now, we need to clarify that in the text. 

Privacy CA is a much bigger topic and I don't think we are ready yet with a solid proposal and we propose it to be addressed when we have a common understanding of what it means for all the parties (RP's/Platforms/Authenticators) involved in next version.

To remove confusion, I like @emlun suggestion with following caveats
- List should be ordered list of attestation types what RP prefers.
- The values can ONLY be one of the attestation format types defined in the spec.
- We introduce a new attestation type named `privacy-ca` to enable Privacy CA.
- We introduce a new attestation type named `none` which basically means no attestation.
- We introduce a new attestation type named `self` which basically means attestation by newly created credential.

So the whole options becomes based on today's attestation statement format type becomes
- `packed` : Meaning whole device information getting send to RP
- `tpm`
- `android-key`
- `android-safetynet`
- `fido-u2f`
- `privacy-ca`: NEW 
- `self`: NEW
- `none`: NEW

Now the default, we believe that giving more information by default is a good thing for the ecosystem. If someone does not care, it can pass `none` or he can ignore the attestation statement when it receives so there is no issue of RP forgetting to setup these flags. 


GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/636#issuecomment-337655550 using your GitHub account
Received on Wednesday, 18 October 2017 16:51:54 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC