Re: [webauthn] Delete per RP ID Signature counters from Akshay Kumar via GitHub on 2018-05-02 (public-webauthn@w3.org from May 2018)

From: Akshay Kumar via GitHub <sysbot+gh@w3.org>
Date: Wed, 02 May 2018 16:23:49 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-386037012-1525278227-sysbot+gh@w3.org>

Regarding 
`@akshayku notes that msft's platform authnr impls per-RPID counters`

I may have misspoken on the call. We implement per credential ID based counters and not RP based counters.

I agree with @agl and @rlin1 here. Per-RP based counters is a mistake and what we meant that it is per-credential based. 

So there are three options for the authenticator:
- Authenticator supports no signature counter.
- Authenticator support global signature coutner.
- Authenticator support per-credential signature coutner. 

I think we should recommend per-credential signature counter.



-- 
GitHub Notification of comment by akshayku
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/871#issuecomment-386037012 using your GitHub account

Received on Wednesday, 2 May 2018 16:23:56 UTC