After talking to @akshayku, I learned that the CTAP layer already has a way to handle malformed CBOR by erroring out. It's not necessary to do the same action on the web layer. CBOR will be validated when it is parsed and used. Outer layers should simply pass the CBOR bytes to the components that will consume. Outer layers shouldn’t know the details of the inner CBOR that might change over time. Closing the issue. -- GitHub Notification of comment by AngeloKai Please view or discuss this issue at https://github.com/w3c/webauthn/issues/469#issuecomment-327574351 using your GitHub accountReceived on Wednesday, 6 September 2017 18:33:18 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC