W3C home > Mailing lists > Public > public-webauthn@w3.org > August 2018

[webauthn] Unspecified CBOR encoding of integer numbers above a threshold

From: Peter Occil via GitHub <sysbot+gh@w3.org>
Date: Fri, 17 Aug 2018 23:48:05 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-351769440-1534549684-sysbot+gh@w3.org>
peteroupc has just created a new issue for https://github.com/w3c/webauthn:

== Unspecified CBOR encoding of integer numbers above a threshold ==
Section 9 contains the following text:

> When the JavaScript value is a non-integer number, it is converted to a 64-bit CBOR floating point number. Otherwise, when the JavaScript type corresponds to a JSON type, the conversion is done using the rules defined in Section 4.2 of [RFC7049] (Converting from JSON to CBOR), but operating on inputs of JavaScript type values rather than inputs of JSON type values.

However, because section 4.2 says the following:

> JSON numbers without fractional parts (integer numbers) are represented as integers ...; integers longer than *an implementation-defined threshold* (which is usually either 32 or 64 bits) may instead be represented as floating-point values.

and section 9 doesn't specify an implementation-defined threshold, then CBOR canonicalization is not possible if those integers are present &mdash; as a result it is not specified how integers greater than "an implementation-defined threshold" (2<sup>32</sup>? 2<sup>31</sup>? 2<sup>64</sup>? some other threshold?) should be encoded (as integers? as floating-point numbers?).

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1044 using your GitHub account
Received on Friday, 17 August 2018 23:48:06 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:34 UTC