- From: gmandyam via GitHub <sysbot+gh@w3.org>
- Date: Tue, 27 Feb 2018 18:47:37 +0000
- To: public-webauthn@w3.org
>As I understand it and refer current implementations of UVI extension supported by FIDO UAF, authenticators should generate UVI value up to 32 bytes. Can you point to the relevant standards text that states this? The current web authn description is essentially replicated from https://fidoalliance.org/specs/fido-uaf-v1.1-ps-20170202/fido-uaf-reg-v1.1-ps-20170202.html#tags-used-in-the-protocol, and there is no text currently written there that places a limit on how many bytes that the authenticator can generate for UVI. The requirement in the UAF registry is "FIDO Servers supporting UVI extensions MUST support a length of up to 32 bytes for the UVI value. " Moreover - assuming such a requirement exists for UAF authenticators, is the intention to apply a similar 32 byte limit to all webauthn authenticators? -- GitHub Notification of comment by gmandyam Please view or discuss this issue at https://github.com/w3c/webauthn/issues/823#issuecomment-368984094 using your GitHub account
Received on Tuesday, 27 February 2018 18:47:40 UTC