Re: [webauthn] Sign counter alg 507

I recall someone (could it be Intel?) considered using something like a 32-bit time_t value for the "counter" and we had a meta-discussion some time back what the strict interpretation of "monotonic" was. Instead of providing a monotonically incrementing counter, the current timestamp is used instead. It does indeed provide "ever increasing numbers".

Obviously, a U2F device will never ever be able to create a counter value even close to a million or so (assuming silent authentication is potentially used). So just using the lower 31 bits seems sensible to me (implicitly allowing for the value 0x00000000).

I don't understand the notation of negative counter values. A counter starting at 0 cannot possibly be seen as monotonic if it's considered to be allowed to wrap into negative numbers (reaching 0x7fffffff). The value is a 32-bit unsigned number. We simply postulated in U2F that 16 bits was too low (64k) for the lifetime of a token and therefore went with a 32-bit value. Problem solved.

So, if the time_t approach was seen as legitimate, we'll get values with MSB set by now. 


-- 
GitHub Notification of comment by jehrensvard
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-328231832 using your GitHub account

Received on Friday, 8 September 2017 22:51:54 UTC
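
An added example, not part of the original message or of the WebAuthn specification text: a relying-party check that reads the signature counter from authenticator data as an unsigned 32-bit value, next to the signed misreading that would reject a counter with the most significant bit set. The helper names, the strictly-greater policy and the sample bytes are assumptions constructed for illustration.

```python
import struct

# Authenticator data layout: rpIdHash (32 bytes) | flags (1 byte) | signCount (4 bytes, big-endian)
SIGN_COUNT_OFFSET = 33


def parse_sign_count(auth_data: bytes) -> int:
    """Read signCount as an unsigned 32-bit big-endian integer."""
    if len(auth_data) < SIGN_COUNT_OFFSET + 4:
        raise ValueError("authenticator data too short")
    return struct.unpack_from(">I", auth_data, SIGN_COUNT_OFFSET)[0]


def parse_sign_count_signed(auth_data: bytes) -> int:
    """The mistake: the same four bytes read as a signed 32-bit integer."""
    if len(auth_data) < SIGN_COUNT_OFFSET + 4:
        raise ValueError("authenticator data too short")
    return struct.unpack_from(">i", auth_data, SIGN_COUNT_OFFSET)[0]


def counter_ok(stored: int, received: int) -> bool:
    """Assumed policy: accept only a counter strictly greater than the stored one."""
    return received > stored


def make_auth_data(count: int) -> bytes:
    """Constructed sample: zeroed rpIdHash, flags with only user-present set."""
    return bytes(32) + b"\x01" + struct.pack(">I", count)


def demo() -> dict:
    stored = 0x7FFFFFFF                      # last counter the server saw
    auth_data = make_auth_data(0x80000001)   # next value has the MSB set
    unsigned = parse_sign_count(auth_data)
    signed = parse_sign_count_signed(auth_data)
    return {
        "unsigned": unsigned,
        "signed": signed,
        "accepted_unsigned": counter_ok(stored, unsigned),
        "accepted_signed": counter_ok(stored, signed),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Storing the counter in a signed 32-bit database column produces the same misreading as the signed parse, so the stored type needs to hold the full unsigned range.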