W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2017

Re: [webauthn] Sign counter alg 507

From: John Bradley via GitHub <sysbot+gh@w3.org>
Date: Fri, 08 Sep 2017 17:00:41 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-328159077-1504890030-sysbot+gh@w3.org>
I would make it -1 or any negative number, that way those that want to use the value to protect against differential power analasis in the future can, without blowing up verification. 

In any event -1=ffffffff is safer to use as a flag than 0.  If we use a valid value for the flag it will wind up always being a question or confusion for developers.

GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-328159077 using your GitHub account
Received on Friday, 8 September 2017 17:00:35 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC