- From: Adam Langley via GitHub <sysbot+gh@w3.org>
- Date: Tue, 01 May 2018 17:54:55 +0000
- To: public-webauthn@w3.org
The following commits were just pushed by agl to https://github.com/w3c/webauthn: * Include an AuthenticatorTransport when creating a new credential. FIDO U2F found it neccessary to wedge the authenticator transport in an X.509 extension of the attestation certificate in order to communicate this information to the RP. In Webauthn, we currently note that it's possible that an RP might learn this information from the attestation, but now have several kinds of attesattion and it seems dumb to define ways to wedge this information in each. Instead, have the client include the transport in the AuthenticatorAttestationResponse. Also, define another transport type for cases where a non-standard protocol is used to communicate with a platform authenticator. Since interface attributes cannot be optional, technically this is a breaking change, although I don't believe that it will break anything in practice. Still, this could also be punted to an extension if we wished. However, given that U2F found it to be so important, I've gone this route. by Adam Langley https://github.com/w3c/webauthn/commit/b7149f48f162a1cd48217fe90a28b9abd6f31a85 * Include updates from the pull request. by Adam Langley https://github.com/w3c/webauthn/commit/0ef2f2a4057434e03c1c1797ee282e6214e2c397
Received on Tuesday, 1 May 2018 17:54:58 UTC