- From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
- Date: Thu, 19 Oct 2017 08:29:03 +0000
- To: public-webauthn@w3.org
@akshayku It looks like you're confusing _attestation statement formats_ ("signing/verification procedures") and _attestation types_ ("trust models"). The two are distinct: `packed`, `tpm`, `andoid-key`, `android-safetynet` and `fido-u2f` are the currently defined attestation statement formats and "Self Attestation", "Basic Attestation", "Privacy CA" and "ECDAA" are the currently defined attestation types. Each attestation statement format can convey some nonempty subset of the attestation types. I'm not suggesting any new attestation statement formats or attestation types, the only thing new I suggest is `none` as a pseudo-attestation type used only in this preference parameter to tell the client that any attestation statement will be completely ignored. -- GitHub Notification of comment by emlun Please view or discuss this issue at https://github.com/w3c/webauthn/pull/636#issuecomment-337836885 using your GitHub account
Received on Thursday, 19 October 2017 08:29:09 UTC