Re: [webauthn] Verify signature first in RP operations?

Yes, I agree it's different in this case since there's no encrypted data in this protocol, so it's probably not a big deal. Rather something that might be worth considering.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1064#issuecomment-420805849 using your GitHub account

Received on Wednesday, 12 September 2018 21:35:06 UTC