W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2017

Re: [webauthn] #registering-a-new-credential step 10 breakage

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Mon, 11 Sep 2017 23:13:23 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-328684717-1505171594-sysbot+gh@w3.org>
refining/fixing suggestion for step 10:
10. Verify that |attStmt| is a correct [=attestation statement=], conveying 
a valid [=attestation signature=], by 
using the [=attestation statement format=] |fmt|'s
verification procedure, given |attStmt|, [=authenticator data=] |authData| 
and the [=hash of the serialized client data=] computed in step 6.
Each [=attestation statement format=]'s verification procedure is given by
the format's specification. See [[#defined-attestation-formats]] for the initially-
defined formats, and [[!WebAuthn-Registries]] for the up-to-date list.

need to also fix the ags defined in [#verification-procedures](http://w3c.github.io/webauthn/#verification-procedures) to match.

the [#verification-procedures](http://w3c.github.io/webauthn/#verification-procedures) may also need the RP's expected RP ID value passed-in.

GitHub Notification of comment by equalsJeffH
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/561#issuecomment-328684717 using your GitHub account
Received on Monday, 11 September 2017 23:13:16 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC