Re: [webauthn] Packed and U2F Attestation Statements' verifications don't differentiate between Basic and Privacy CA Attestation Types

I'm not sure having Privacy CA as a separate attestation type is very meaningful, as like you say (and @balfanz notes in https://github.com/w3c/webauthn/issues/628#issue-264709581), to the RP it looks and act the same as Basic Attestation. I would suggest merging the two concepts, but I'm not sure how that would affect the TPM attestation statement format which seems to be intimately connected to the Privacy CA model.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/656#issuecomment-337842187 using your GitHub account

Received on Thursday, 19 October 2017 08:49:02 UTC