W3C home > Mailing lists > Public > public-webauthn@w3.org > October 2017

Re: [webauthn] Packed and U2F Attestation Statements' verifications don't differentiate between Basic and Privacy CA Attestation Types

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Thu, 19 Oct 2017 08:49:01 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-337842187-1508402940-sysbot+gh@w3.org>
I'm not sure having Privacy CA as a separate attestation type is very meaningful, as like you say (and @balfanz notes in https://github.com/w3c/webauthn/issues/628#issue-264709581), to the RP it looks and act the same as Basic Attestation. I would suggest merging the two concepts, but I'm not sure how that would affect the TPM attestation statement format which seems to be intimately connected to the Privacy CA model.

GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/656#issuecomment-337842187 using your GitHub account
Received on Thursday, 19 October 2017 08:49:02 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:28 UTC