W3C home > Mailing lists > Public > public-webauthn@w3.org > April 2018

[webauthn] Return the employed AuthenticatorTransport when creating a new credential

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Mon, 30 Apr 2018 23:08:36 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-319065744-1525129715-sysbot+gh@w3.org>
equalsJeffH has just created a new issue for https://github.com/w3c/webauthn:

== Return the employed AuthenticatorTransport when creating a new credential ==
@agl [originally wrote](https://github.com/w3c/webauthn/pull/882#issue-183773782):

FIDO U2F found it neccessary to wedge the authenticator transport in an
X.509 extension of the attestation certificate in order to communicate
this information to the RP.

In Webauthn, we currently note that it's possible that an RP might learn
this information from the attestation, but now have several kinds of
attestation and it seems dumb to define ways to wedge this information
in each.

Instead, have the client include the transport in the
AuthenticatorAttestationResponse. Also, define another transport type
for cases where a non-standard protocol is used to communicate with a
platform authenticator.

This issue pertains to PR #882 

assigning @agl to start because he originated PR #882

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/889 using your GitHub account
Received on Monday, 30 April 2018 23:08:41 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:32 UTC