W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2017

Re: [webauthn] Fix Android attestation

From: Ki-Eun Shin via GitHub <sysbot+gh@w3.org>
Date: Thu, 21 Sep 2017 06:07:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-331060502-1505974051-sysbot+gh@w3.org>
Since the parameter for setAttestationChallenge is changed from the concatenation of authenticatorData and clientDataHash to clientDataHash only, the verification procedure should be modified as well.
> The value of the attestationChallenge field is identical to the concatenation of authenticatorData and clientDataHash.

In stead,
> The value of the attestationChallenge field is identical to clientDataHash.

@christiaanbrand would you change the verification procedures?


-- 
GitHub Notification of comment by Kieun
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/546#issuecomment-331060502 using your GitHub account
Received on Thursday, 21 September 2017 06:07:36 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:27 UTC