W3C home > Mailing lists > Public > public-webauthn@w3.org > March 2018

Re: [webauthn] UVI modification with CDDL

From: gmandyam via GitHub <sysbot+gh@w3.org>
Date: Thu, 01 Mar 2018 19:51:11 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-369709868-1519933869-sysbot+gh@w3.org>
@rlin1 

We can relax size constraint to 64 bytes to allow for going up to SHA-512, if the desire ts to allow for stronger hashes.  Or we can keep the byte size indeterminate.

However, the current text allows the RP to ignore UVI sizes beyond 32 ("Servers supporting UVI extensions MUST support a length of up to 32 bytes for the UVI value.")  It seems that this requirement should be removed or reworded.

-- 
GitHub Notification of comment by gmandyam
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/821#issuecomment-369709868 using your GitHub account
Received on Thursday, 1 March 2018 19:51:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:47 UTC