- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Thu, 03 May 2018 21:23:56 +0000
- To: public-webauthn@w3.org
@agl wrote: > For now we can extract it from the attestation certificate, since it's wedged in there for RPs already. Hm, [AFAICT](https://en.wiktionary.org/wiki/AFAICT), that statement is (perhaps, likely, definitely)? true for only U2F authenticators. I.e., not necessarily true for "webauthn/FIDO2 authenticators" (nor UAF authnrs). The FIDO U2F spec you're implicitly referencing is [FIDO U2F Authenticator Transports Extension](https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-authenticator-transports-extension-v1.2-ps-20170411.html), yes? Might some vendors of "webauthn/FIDO2 authenticators" weigh-in regarding whether the latter authnrs' attestation certs do or do not include the [FIDO U2F Authenticator Transports Extension](https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-authenticator-transports-extension-v1.2-ps-20170411.html) ? In any case, if we desire the [FIDO U2F Authenticator Transports Extension](https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-authenticator-transports-extension-v1.2-ps-20170411.html) to be uniformly included in "webauthn/FIDO2 authenticators", then it seems we ought to (at least) submit a new issue against the webauthn spec requesting that (again, [AFAICT](https://en.wiktionary.org/wiki/AFAICT)). -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/pull/882#issuecomment-386441090 using your GitHub account
Received on Thursday, 3 May 2018 21:23:59 UTC