W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

[webauthn] TPM section is missing TPMT_PUBLIC validation steps

From: Ackermann Yuriy via GitHub <sysbot+gh@w3.org>
Date: Fri, 01 Jun 2018 15:42:25 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-328568702-1527867744-sysbot+gh@w3.org>
herrjemand has just created a new issue for https://github.com/w3c/webauthn:

== TPM section is missing TPMT_PUBLIC validation steps ==
Propose adding TPM attestation validation steps for pubArea(TPMT_PUBLIC struct) as follows:

## Validate that pubArea is valid:
* Verify that nameAlg is set to to according hashing algorithm in TPM_ALG_ID
* Verify that type is set to to according signature algorithm in  TPM_ALG_ID
* Verify that unique is set to the newly generated public key
*  If type is set to RSA, verify that parameters.exponent is set to 2048 bits for


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/929 using your GitHub account
Received on Friday, 1 June 2018 15:42:27 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC