Re: [webauthn] Make packed attestation format Privacy CA-friendly

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Fri, 29 Sep 2017 23:02:53 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-333258435-1506726159-sysbot+gh@w3.org>

There might not be an enrollment process between the authenticator and the Privacy-CA. There is not, for example, in current U2F tokens.

As an alternative to Dirk's scheme, the RP ID should be replaced in the signed message with H(blind + RP ID). The Privacy-CA would still see the structure of the message that it was signing, but the blind would only be disclosed to the RP by the client.

GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/584#issuecomment-333258435 using your GitHub account
Received on Friday, 29 September 2017 23:02:44 UTC
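
The blinding proposed in the message above, sketched as an added example that is not part of the original message or of the WebAuthn specification. SHA-256 as H, plain concatenation with a fixed 32-byte blind, and all function names are assumptions; the last function shows why a bare H(RP ID) would not hide the RP from the Privacy-CA.

```python
import hashlib
import hmac
import secrets

BLIND_LEN = 32  # assumption: fixed length, so blind || rp_id splits unambiguously


def blinded_rp_id(blind: bytes, rp_id: str) -> bytes:
    """H(blind + RP ID), taking H = SHA-256 and '+' = concatenation (assumptions)."""
    if len(blind) != BLIND_LEN:
        raise ValueError("blind must be exactly BLIND_LEN bytes")
    return hashlib.sha256(blind + rp_id.encode("utf-8")).digest()


def client_prepare(rp_id: str):
    """Client: fresh random blind per registration; only the hash enters the
    message that the Privacy-CA sees and signs."""
    blind = secrets.token_bytes(BLIND_LEN)
    return blind, blinded_rp_id(blind, rp_id)


def rp_verify(own_rp_id: str, blind: bytes, signed_value: bytes) -> bool:
    """RP: recompute the hash from the blind the client disclosed and compare
    it in constant time with the value found in the signed message."""
    try:
        expected = blinded_rp_id(blind, own_rp_id)
    except ValueError:
        return False
    return hmac.compare_digest(expected, signed_value)


def ca_guess_rp_id(signed_value: bytes, candidates):
    """Privacy-CA's view: test a list of known RP IDs against the value it was
    asked to sign. This succeeds against an unblinded H(RP ID) and fails
    against H(blind + RP ID), because the CA never receives the blind."""
    for rp_id in candidates:
        if hashlib.sha256(rp_id.encode("utf-8")).digest() == signed_value:
            return rp_id
    return None


if __name__ == "__main__":
    known = ["login.example", "example.com"]  # constructed sample RP IDs
    blind, value = client_prepare("example.com")
    print("RP accepts:", rp_verify("example.com", blind, value))
    print("CA guess on blinded value:", ca_guess_rp_id(value, known))
    plain = hashlib.sha256(b"example.com").digest()
    print("CA guess on unblinded hash:", ca_guess_rp_id(plain, known))
```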