Re: [webauthn] Signature format needs to be defined

It seems to me like the most straightforward thing to do is to say that the signature contains the same representation of raw bytes as would be used in the corresponding COSE signature for the corresponding algorithm.  That way we *don't* have to define these for all algorithms - only possibly for new ones that we introduce ourselves.

The COSE signatures are all raw byte arrays and as Jim Schaad said, at least for ECDSA, correspond to the DER representation within the ASN.1.


-- 
GitHub Notification of comment by selfissued
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/799#issuecomment-366120750 using your GitHub account

Received on Friday, 16 February 2018 01:40:02 UTC