Token binding review from John Bradley on 2018-03-12 (public-webauthn@w3.org from March 2018)

From: John Bradley <jbradley@yubico.com>
Date: Mon, 12 Mar 2018 00:22:01 -0300
To: W3C WebAuthn WG <public-webauthn@w3.org>
Cc: John Fontana <jfontana@yubico.com>
Message-Id: <A4EC6A0A-C2E1-441C-A26A-AA0C8DCD4056@yubico.com>

As Co Chair of the token Binding WG at the IETF I have reviewed the spec presented for CR.

It correctly uses the IETF token binding specs to prevent man in the middle attacks.

I support this spec moving forward.

Regards
John Bradley

Received on Monday, 12 March 2018 03:22:43 UTC