W3C home > Mailing lists > Public > public-webauthn@w3.org > January 2019

Re: [webauthn] Attestation privacy advice creates large scale security risks (#1127)

From: Emil Lundberg via GitHub <sysbot+gh@w3.org>
Date: Fri, 11 Jan 2019 14:42:04 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-453538392-1547217723-sysbot+gh@w3.org>
It is also in the authenticator manufacturer's interest to make the batches as small as possible - to limit financial and brand damage from product recalls, lawsuits, etc. - so I don't think it's particularly likely that a hardware vendor would willingly use the same attestation key for larger batches than necessary.

-- 
GitHub Notification of comment by emlun
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1127#issuecomment-453538392 using your GitHub account
Received on Friday, 11 January 2019 14:42:05 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:35 UTC