Re: [webauthn] Clarify authenticator behaviour when not implementing signature counter from Akshay Kumar via GitHub on 2018-07-25 (public-webauthn@w3.org from July 2018)

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 25 Jul 2018 16:25:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-407814520-1532535942-sysbot+gh@w3.org>

Just to be clear, authenticator which supports signature counter can also set signature counter to zero. For an authenticator which supports per credential based signature counter, (Like windows hello/ some external authenticators already in the wild), this counter signifies how many signatures were performed by that newly created credential which is zero at the time of credential creation. 

Whether authenticator actually supports signature counter or not is known at getAssertion time. 



-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1008#issuecomment-407814520 using your GitHub account

Received on Wednesday, 25 July 2018 16:25:52 UTC