[webauthn] TPM section is missing TPMT_PUBLIC validation steps from Ackermann Yuriy via GitHub on 2018-06-01 (public-webauthn@w3.org from June 2018)

From: Ackermann Yuriy via GitHub <sysbot+gh@w3.org>
Date: Fri, 01 Jun 2018 15:42:25 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-328568702-1527867744-sysbot+gh@w3.org>

herrjemand has just created a new issue for https://github.com/w3c/webauthn:

== TPM section is missing TPMT_PUBLIC validation steps ==
Propose adding TPM attestation validation steps for pubArea(TPMT_PUBLIC struct) as follows:

## Validate that pubArea is valid:
* Verify that nameAlg is set to to according hashing algorithm in TPM_ALG_ID
* Verify that type is set to to according signature algorithm in  TPM_ALG_ID
* Verify that unique is set to the newly generated public key
*  If type is set to RSA, verify that parameters.exponent is set to 2048 bits for


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/929 using your GitHub account

Received on Friday, 1 June 2018 15:42:27 UTC