
Re: [webauthn] Make packed attestation format Privacy CA-friendly

From: Adam Langley via GitHub <sysbot+gh@w3.org>
Date: Fri, 29 Sep 2017 23:02:53 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-333258435-1506726159-sysbot+gh@w3.org>

There might not be an enrollment process between the authenticator and the Privacy-CA. There is not, for example, in current U2F tokens.

As an alternative to Dirk's scheme, the RP ID should be replaced in the signed message with H(blind + RP ID). The Privacy-CA would still see the structure of the message that it was signing, but the blind would only be disclosed to the RP by the client.

-- 
GitHub Notification of comment by agl
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/584#issuecomment-333258435 using your GitHub account
Received on Friday, 29 September 2017 23:02:44 UTC
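
The H(blind + RP ID) substitution proposed in the message above, sketched as an added example that is not part of the original post or of the WebAuthn specification. SHA-256 as H, a fixed 32-byte blind, and the field and function names are assumptions; the Privacy-CA's signature over the fields is left out.

```python
import hashlib
import hmac
import secrets

BLIND_LEN = 32  # assumption: 256-bit random blind; fixed length keeps blind + RP ID unambiguous


def blinded_rp_id(blind: bytes, rp_id: str) -> bytes:
    """Compute H(blind + RP ID); SHA-256 is an assumed choice of H."""
    if len(blind) != BLIND_LEN:
        raise ValueError("blind must be exactly BLIND_LEN bytes")
    return hashlib.sha256(blind + rp_id.encode("utf-8")).digest()


def client_prepare(rp_id: str, challenge: bytes):
    """Client side: pick a fresh blind and build the fields sent for signing.

    The field names are hypothetical. The Privacy-CA sees this structure,
    but only the hash, never the RP ID or the blind.
    """
    blind = secrets.token_bytes(BLIND_LEN)
    to_be_signed = {"rp_id_blinded": blinded_rp_id(blind, rp_id), "challenge": challenge}
    return blind, to_be_signed


def rp_verify(signed_fields: dict, disclosed_blind: bytes, own_rp_id: str) -> bool:
    """RP side: recompute the hash from the blind the client disclosed."""
    if len(disclosed_blind) != BLIND_LEN:
        return False
    expected = blinded_rp_id(disclosed_blind, own_rp_id)
    return hmac.compare_digest(expected, signed_fields["rp_id_blinded"])


if __name__ == "__main__":
    challenge = secrets.token_bytes(16)  # constructed sample value
    blind, fields = client_prepare("example.com", challenge)
    print("Privacy-CA sees:", fields["rp_id_blinded"].hex())
    print("RP accepts its own ID:", rp_verify(fields, blind, "example.com"))
    print("Other RP ID rejected:", rp_verify(fields, blind, "other.example"))
    _, again = client_prepare("example.com", challenge)
    print("Unlinkable across requests:", again["rp_id_blinded"] != fields["rp_id_blinded"])
```

A fresh blind per request is what keeps two requests for the same RP ID from producing the same value at the Privacy-CA.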