Re: [webauthn] Sign counter alg 507

I can live with that as long as we have a implimentation note someplace that verifiers seeing 0 for the first authentication with that key handle don't do something stupid like check the stored value to see if it is zero before doing the comparison (You know someone will). I suppose the worst case is that broken implementations will ignore counter.   This gives up using some range of the counter for a nonce, but I don't know if anyone would do that anyway.   

One other idea that we could discuss offline might be having keys with single counters add a bounded random number to the counter.  That might make corrilation harder and add atlas some randomness as  you would not be able to predict the next output.   Even a small value between 1-10 would be better than a monotonic counter.

John B.

-- 
GitHub Notification of comment by ve7jtb
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-328195854 using your GitHub account

Received on Friday, 8 September 2017 19:40:59 UTC