- From: =JeffH via GitHub <sysbot+gh@w3.org>
- Date: Thu, 31 May 2018 21:46:57 +0000
- To: public-webauthn@w3.org
well, the section you cite, [7.1. Registering a new credential](https://www.w3.org/TR/webauthn/#registering-a-new-credential), says (in pertinent part): > 18. ... register the new credential with the account that was denoted in the `options.user` passed to `create()`, by associating it with the `credentialId` and [`credentialPublicKey`](https://www.w3.org/TR/webauthn/#credentialpublickey) ... ..and [`credentialPublicKey`](https://www.w3.org/TR/webauthn/#credentialpublickey) is a "COSE_Key-encoded" value and it "... MUST contain the optional "alg" parameter..." as well as the credential public key itself (and other stuff). See the examples in [6.3.1.1. Examples of credentialPublicKey Values encoded in COSE_Key format ](https://www.w3.org/TR/webauthn/#sctn-encoded-credPubKey-examples). So I'm thinking we're good and we already effectively "store the signature algorithm (`credentialPublicKey.alg`)", yes? If so then we can close this? -- GitHub Notification of comment by equalsJeffH Please view or discuss this issue at https://github.com/w3c/webauthn/issues/926#issuecomment-393691143 using your GitHub account
Received on Thursday, 31 May 2018 21:47:05 UTC