W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] Packed and U2F Attestation Statements' verifications don't differentiate between Basic and Privacy CA Attestation Types

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 19 Oct 2017 08:49:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-337842187-1508402940-sysbot+gh@w3.org>
I'm not sure having Privacy CA as a separate attestation type is very meaningful, as like you say (and @balfanz notes in https://github.com/w3c/webauthn/issues/628#issue-264709581), to the RP it looks and act the same as Basic Attestation. I would suggest merging the two concepts, but I'm not sure how that would affect the TPM attestation statement format which seems to be intimately connected to the Privacy CA model.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/656#issuecomment-337842187 using your GitHub account
Received on Thursday, 19 October 2017 08:49:02 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC