- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Fri, 12 Jan 2018 23:35:37 +0000
- To: public-webauthn@w3.org
equalsJeffH has just created a new issue for https://github.com/w3c/webauthn: == attestation type identifiers and their use is only implicitly defined == all [defined attestation formats](https://w3c.github.io/webauthn/#defined-attestation-formats) contain, in their [verification procedure](https://w3c.github.io/webauthn/#verification-procedure), a statement of this form: > If successful, return [attestation type](https://w3c.github.io/webauthn/#attestation-type) \<foo> and \<bar> [attestation trust path](https://w3c.github.io/webauthn/#attestation-trust-path) However, [attestation type](https://w3c.github.io/webauthn/#attestation-type) identifiers are only implicitly defined is the above-cited statements. [note also: the term "attestation type identifier" is not used or defined.] By combing thru all such above-cited statements, it appears the present set of attestation type identifiers is: > Basic > ECDAA > Self > Privacy CA The "ECDAA" one is sort of defined in [S 6.3.3. Attestation Types](https://w3c.github.io/webauthn/#sctn-attestation-types). We ought to formally define all of the attestation type identifiers and appropriately auto-link them to their \<dfn>s. Note that PR #741 may add a fifth [attestation type](https://w3c.github.io/webauthn/#attestation-type) of "None". Also, how matching of attestation type identifiers is undefined (i.e. is it case-sensitive or not?), nor their syntax (e.g., is interstitial whitespace allowed? What is the charset allowed?), are defined. Please view or discuss this issue at https://github.com/w3c/webauthn/issues/746 using your GitHub account
Received on Friday, 12 January 2018 23:35:41 UTC