In implementation considerations 2.6 the counter should start at 0. In the limited tests I can do with the uninitialized key I have it send one for the first authentication, but I am guessing that just happened to be one vendor's implementation. A key sending 0 would be perfectly valid according to my reading of the spec, and I would probably have interpreted it that way. I think the better solution is to ignore all negative numbers in verification as those don't support a counter. That lets people use a negative random value to protect against power analysis if they want, and it will be ignored by the verifier. Basically Jakob's proposal.

--
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/125#issuecomment-328156198 using your GitHub account

Received on Friday, 8 September 2017 16:48:47 UTC
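
The verification rule proposed in the comment above, sketched as an added example; it is not code from the original message or from the WebAuthn specification. Reading the 4-byte counter as a signed value and the names read_counter, check_counter and make_auth_data are assumptions of this example.

```python
import struct

# Authenticator data starts with: rpIdHash (32 bytes) | flags (1 byte) |
# counter (4 bytes, big-endian). The counter therefore sits at offset 33.
COUNTER_OFFSET = 33


def read_counter(auth_data: bytes) -> int:
    """Read the counter as a signed 32-bit integer (assumption of this
    example, so that a 'negative' value as in the comment can be recognised)."""
    if len(auth_data) < COUNTER_OFFSET + 4:
        raise ValueError("authenticator data too short to hold a counter")
    return struct.unpack_from(">i", auth_data, COUNTER_OFFSET)[0]


def check_counter(stored, received):
    """Apply the proposed rule and return (verdict, value_to_store).

    stored is None until the first authentication has been recorded.
    """
    if received < 0:
        # Negative value: the key does not support a counter (it may be a
        # random value), so the verifier ignores it and keeps its state.
        return "ignored", stored
    if stored is None or received > stored:
        # First use (0 is a valid starting value) or a strict increase.
        return "ok", received
    # Non-negative but not increasing: possible cloned key.
    return "possible-clone", stored


def make_auth_data(counter: int) -> bytes:
    """Hypothetical helper: build constructed sample authenticator data."""
    return bytes(32) + b"\x01" + struct.pack(">i", counter)


if __name__ == "__main__":
    stored = None
    # Constructed sequence: first use at 0, increase, replay, random negative.
    for value in (0, 1, 1, -123456):
        received = read_counter(make_auth_data(value))
        verdict, stored = check_counter(stored, received)
        print(f"received={received:>8} verdict={verdict:<14} stored={stored}")
```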