Re: [webauthn] Attestation validation issues from gmandyam via GitHub on 2018-06-15 (public-webauthn@w3.org from June 2018)

From: gmandyam via GitHub <sysbot+gh@w3.org>
Date: Fri, 15 Jun 2018 17:25:45 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-397689261-1529083544-sysbot+gh@w3.org>

@emlun 

I would go even further than that.  SafetyNet is the only attestation format in the spec that is not specific to the credential itself.  In my opinion, it makes more sense as an extension than as a Webauthn attestation.  For instance, see the discussion in https://github.com/w3c/webauthn/issues/438.

-- 
GitHub Notification of comment by gmandyam
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/950#issuecomment-397689261 using your GitHub account

Received on Friday, 15 June 2018 17:25:49 UTC